> > >Consider that you might have the mailboxes for a particular user defined
> > >in a database table called "mailboxes", with columns "username" and
> > >"mailboxname". It would be easy to construct an SQL statement like this:
> > >
> > > select mailboxname from mailboxes
> > > where username = xxx
> > >
> > >and replace xxx by the value returned from request.getRemoteUser(). This
> > >would allow the user access *only* to his or her own mailboxes.
> >
> > Assuming, of course, that your users are using the same machine / login id
> > - not necessarily the case in, for example, a university with shared
> > machines...
> >
>
>Why would you need to make this assumption?
>
>The "username" we are talking about here is the one stored in something
>like JDBCRealm for the servlet container
My bad - I was confusing request.getRemoteUser() with something else -
probably url.getUserInfo.... that'll teach me not to RTFM, or at least
RTFAPI ;)
--
* Jim Cheesman *
Trabajo:
[EMAIL PROTECTED] - (34)(91) 724 9200 x 2360
Some people say that I'm
superficial, but that's just on the surface.
