tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andreas Siegrist <A.Siegr...@tv1.de>
Subject Re: Q: problem with authentication
Date Thu, 03 Feb 2000 11:56:31 GMT
You may get the user name (and password) by decoding the
authorization string yourself. We are using a static method in a
utility class:

public static String getRemoteUser(HttpServletRequest request) {
    String auth = request.getHeader("authorization"); // as send by apache
    if (auth == null) return null;

    try {
      auth = new String((new
BASE64Decoder()).decodeBuffer(auth.substring(6)));
    }
    catch (Exception exc) {
      exc.printStackTrace();
      return null;
    }

    if (auth == null)
      return null;
    int pos = auth.indexOf(":");
    if (pos < 0)
      return null;
    return auth.substring(0, pos);
}

Bye
Andi


Martin Rusnak schrieb:

> I'm trying to use http authentication with tomcat3.0.
> Method HttpServletRequest.getRemoteUser() alwais returns null.
>
> here is code:
> ------
>     public void service (HttpServletRequest request, HttpServletResponse
> response)
>         throws ServletException, IOException
>     {
>         String user=request.getRemoteUser();
>         if(user==null||user==""){
>             response.setHeader("WWW-Authenticate","Basic realm=\"My
> Realm\"");
>             response.sendError(401,"Unauthorized");
>             out.println("Text to send if user hits Cancel button\n");
>             return;
>         }
>
>         ....
> ------
>
> Is there any other way to get user name?
>
> Martin Rusnak
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message