Since we're talking tomcat, you can generally cast the principle to generic principle: http://jakarta.apache.org/tomcat/tomcat-5.5-doc/catalina/docs/api/org/apache/catalina/realm/GenericPrincipal.html
It has a getPassword() method. I do not know if that password gets hashed...it never was with any of the realms i have used. Larry On 6/4/05, Digby <[EMAIL PROTECTED]> wrote: > I'm not sure you're supposed to be able to get it. Also, what would you > expect to get if the password was hashed? > > Can you not just read the password from the database / ldap source? > > Digby > > > Larry Meadors wrote: > > The principle may contain it, but you would have to get it via > > reflection or cast it to it's original type to see it. > > > > Larry > > > > > > On 6/2/05, Jo <[EMAIL PROTECTED]> wrote: > > > >>Hi all, > >> > >>Once Tomcat has authenticated a login, we can get the the authenticated > >>user's name from the request's getRemoteUser() or getUserPrincipal() > >>methods. > >>Is there a way to get the user's password when the authentication type is > >>form-based or single-sign-on ? > >> > >>Thanks a lot. > >>Jo.- > >> > >> > >>--------------------------------------------------------------------- > >>To unsubscribe, e-mail: [EMAIL PROTECTED] > >>For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
