[EMAIL PROTECTED] wrote:
Do you mean during the login process, or after it has been done?I mean after the user has been logged in (form based login).Have you an example how I can receive the password from the HttpServletRequest?
You can't access the credential from HttpServletRequest object, it's not made available as part of the Servlet spec.
Which realm implementation are you using? p
greets -------- Original-Nachricht -------- Datum: Wed, 02 May 2007 13:31:49 -0400 Von: Christopher Schultz <[EMAIL PROTECTED]> An: Tomcat Users List <users@tomcat.apache.org> Betreff: Re: User-password from the HttpServletRequest-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sam, [EMAIL PROTECTED] wrote:How can I get the password from the logged in user via the HttpServletRequest in general? (I need the password in a servlet filter to do some stuff)Do you mean during the login process, or after it has been done? Unless you can get a request object during the login process, you will only be able to get the user's password when using BASIC authentication (not FORM). You'll need to get the "Authorization" header from the request and decode it to get the user's credentials. You can read all about HTTP auth in RFC 2617 (http://www.faqs.org/rfcs/rfc2617.html) to determine how to interpret the data found there.And there some web server independent solution?I assume that you mean /application server/-independent solution. Yes, all (compliant) Java application servers support the servlet API. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGOMsF9CaO5/Lv0PARAlIvAKChwWOlitX82IddFCuhseB/yVQKdgCgpwAN IUy2xRS5++zOtJm/Zvfd31s= =HvYe -----END PGP SIGNATURE----- --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
smime.p7s
Description: S/MIME Cryptographic Signature
