Return-Path: 
 <httpclient-user-return-1403-apmail-jakarta-httpclient-user-archive=jakarta.apache.org@jakarta.apache.org>
Delivered-To: apmail-jakarta-httpclient-user-archive@www.apache.org
Received: (qmail 43040 invoked from network); 11 Oct 2005 05:41:47 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199)
  by minotaur.apache.org with SMTP; 11 Oct 2005 05:41:47 -0000
Received: (qmail 69756 invoked by uid 500); 11 Oct 2005 05:41:46 -0000
Delivered-To: apmail-jakarta-httpclient-user-archive@jakarta.apache.org
Received: (qmail 69741 invoked by uid 500); 11 Oct 2005 05:41:46 -0000
Mailing-List: contact httpclient-user-help@jakarta.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:httpclient-user-help@jakarta.apache.org>
List-Unsubscribe: <mailto:httpclient-user-unsubscribe@jakarta.apache.org>
List-Post: <mailto:httpclient-user@jakarta.apache.org>
List-Id: "HttpClient User Discussion" <httpclient-user.jakarta.apache.org>
Reply-To: "HttpClient User Discussion" <httpclient-user@jakarta.apache.org>
Delivered-To: mailing list httpclient-user@jakarta.apache.org
Received: (qmail 69724 invoked by uid 99); 11 Oct 2005 05:41:46 -0000
Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 10 Oct 2005 22:41:46 -0700
X-ASF-Spam-Status: No, hits=0.5 required=10.0
	tests=DNS_FROM_RFC_ABUSE,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (asf.osuosl.org: domain of ROLWEBER@de.ibm.com designates
 195.212.29.150 as permitted sender)
Received: from [195.212.29.150] (HELO mtagate1.de.ibm.com) (195.212.29.150)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 10 Oct 2005 22:41:48 -0700
Received: from d12nrmr1607.megacenter.de.ibm.com
 (d12nrmr1607.megacenter.de.ibm.com [9.149.167.49])
	by mtagate1.de.ibm.com (8.12.10/8.12.10) with ESMTP id j9B5fNon142294
	for <httpclient-user@jakarta.apache.org>; Tue, 11 Oct 2005 05:41:23 GMT
Received: from d12av04.megacenter.de.ibm.com (d12av04.megacenter.de.ibm.com
 [9.149.165.229])
	by d12nrmr1607.megacenter.de.ibm.com (8.12.10/NCO/VERS6.7) with ESMTP id
 j9B5fNHT169480
	for <httpclient-user@jakarta.apache.org>; Tue, 11 Oct 2005 07:41:23 +0200
Received: from d12av04.megacenter.de.ibm.com (loopback [127.0.0.1])
	by d12av04.megacenter.de.ibm.com (8.12.11/8.13.3) with ESMTP id
 j9B5fNHG004882
	for <httpclient-user@jakarta.apache.org>; Tue, 11 Oct 2005 07:41:23 +0200
Received: from d12ml067.megacenter.de.ibm.com (d12ml067.megacenter.de.ibm.com
 [9.149.164.162])
	by d12av04.megacenter.de.ibm.com (8.12.11/8.12.11) with ESMTP id
 j9B5fNHs004878
	for <httpclient-user@jakarta.apache.org>; Tue, 11 Oct 2005 07:41:23 +0200
In-Reply-To: 
 <OFC54BE2DF.205FB2E1-ON85257096.0073333B-85257096.00750363@dtcc.com>
To: "HttpClient User Discussion" <httpclient-user@jakarta.apache.org>
MIME-Version: 1.0
Subject: Re: Setting Remote User Header
X-Mailer: Lotus Notes Release 6.5.4 March 27, 2005
From: Roland Weber <ROLWEBER@de.ibm.com>
X-MIMETrack: S/MIME Sign by Notes Client on Roland Weber/Germany/IBM(Release
 6.5.4|March
 27, 2005) at 11.10.2005 07:41:08,
	Serialize by Notes Client on Roland Weber/Germany/IBM(Release 6.5.4|March
 27, 2005) at 11.10.2005 07:41:08,
	Serialize complete at 11.10.2005 07:41:08,
	S/MIME Sign failed at 11.10.2005 07:41:08: The cryptographic key was not
 found,
	Serialize by Router on D12ML067/12/M/IBM(Release 6.53HF247 | January 6,
 2005) at
 11/10/2005 07:41:22,
	Serialize complete at 11/10/2005 07:41:22
Message-ID: 
 <OFD2BF8651.FEF57042-ONC1257097.001EC281-C1257097.001F3E7C@de.ibm.com>
Date: Tue, 11 Oct 2005 07:41:18 +0200
Content-Type: text/plain; charset="US-ASCII"
X-Virus-Checked: Checked by ClamAV on apache.org
X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N

Hello Michael,

> I have an application that uses the 
> javax.servlet.http.HttpServletRequest.getRemoteUser() method to pick up 
> what user was previously authenticated. 

The Servlet API is implemented by your servlet engine, and that
implementation decides what server-side authentication mechanism
is applied to determine the remote user. Setting one header or
another (except Authentication: of course) won't have any effect.
Or else your servlet engine's security is broken.

I suggest you search through the J2EE documentation about
authentication in general, then through your servlet engine's
documentation about user management and authentication. Once
your servlet or web application is properly protected from
unauthorized access, you check out our authentication guide

http://jakarta.apache.org/commons/httpclient/authentication.html

to learn how the HttpClient can authenticate against the server.

hope that helps,
  Roland

> I wrote the code below, but request.getRemoteUser() in my JSP still 
> returns null. Do I need to write a class that implements AuthScheme to 
do 
> this?
> 
>                 HttpClient client = new HttpClient();
>                 HttpMethod method = new GetMethod(url);
>                 method.setRequestHeader("REMOTE_USER", testUser);
>                 String responseBody = null;
>                 try{
>                         client.executeMethod(method);
>                         responseBody = method.getResponseBodyAsString();
>                 } catch (HttpException he) {
>                         System.err.println(
>                                 "Http error connecting to '" + url + 
"'");
>                         System.err.println(he.getMessage());
>                 } catch (IOException ioe) {
>                         System.err.println(
>                                 "Unable to connect to '" + url + "'");
>                 }
> 
> 
> Thanks in advance. 
> 
> Mike Schwartz

---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org