Hello Michael, > I have an application that uses the > javax.servlet.http.HttpServletRequest.getRemoteUser() method to pick up > what user was previously authenticated.
The Servlet API is implemented by your servlet engine, and that implementation decides what server-side authentication mechanism is applied to determine the remote user. Setting one header or another (except Authentication: of course) won't have any effect. Or else your servlet engine's security is broken. I suggest you search through the J2EE documentation about authentication in general, then through your servlet engine's documentation about user management and authentication. Once your servlet or web application is properly protected from unauthorized access, you check out our authentication guide http://jakarta.apache.org/commons/httpclient/authentication.html to learn how the HttpClient can authenticate against the server. hope that helps, Roland > I wrote the code below, but request.getRemoteUser() in my JSP still > returns null. Do I need to write a class that implements AuthScheme to do > this? > > HttpClient client = new HttpClient(); > HttpMethod method = new GetMethod(url); > method.setRequestHeader("REMOTE_USER", testUser); > String responseBody = null; > try{ > client.executeMethod(method); > responseBody = method.getResponseBodyAsString(); > } catch (HttpException he) { > System.err.println( > "Http error connecting to '" + url + "'"); > System.err.println(he.getMessage()); > } catch (IOException ioe) { > System.err.println( > "Unable to connect to '" + url + "'"); > } > > > Thanks in advance. > > Mike Schwartz --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
