Re: JAAS how to find user login name on the web app

[David Smith]

In that case I think you need to read the JAAS docs and implement the 
proper callbacks.  This page looks to be a good place to start:

http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html#JAASRealm
As I understand it from a very cursory read-through, the JAAS realm 
callbacks aren't http aware and don't interact with the request or 
response.  There's a callback for the name and a separate one for the 
password.  The realm class does it's magic and returns the proper yes/no 
responses.

--David

lmk wrote:
yes I must send the user name and password  to a web services to get other
user informations..


David Smith-2 wrote:
  
I don't think password is ever intended to be exposed to the webapp ... 
just the username.  Is there a reason you need the password?

--David

lmk wrote:
    
I dont found how to get the user password...j_password  parameter is not
in
request nor session .




lmk wrote:
  
      
Im using tomcat Realm..

I can even get the user password!!

thanks..



rpr_listas wrote:
    
        
Hi, lmk!

Your JAAS module is a tomcat Realm? If you develop a tomcat realm you 
can access the user data via the standard servlet API.

HttpServletRequest.getRemoteUser();
HttpServletRequest.getUserPrincipal();

regards.
Ricardo.

lmk escribió:
      
          
Hii,

I developed a JAAS module for authentication, and I deployed it on the
tomcat server. I'd like to display the login name on the web app after
authenticatiobn succeed.how to find it ..?

can i finf it on the session?? or must use the Callbackhandler
object..?

regards!!!

  
        
            
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



      
          
    
        
  
      
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



    

  


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]