tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rick Fincher" <...@tbird.com>
Subject Re: Retrieve User - Realm
Date Tue, 17 Dec 2002 00:02:42 GMT
A user is an entity with a user name.  That's all you know about them unless
you have more info stored locally. A Principal is an object that contains a
name as a minimum, but also contains other data that varies depending on
what type of security system is used.

>From the docs:

getRemoteUser()
          Returns the login of the user making this request, if the user has
been authenticated, or null if the user has not been authenticated.

getUserPrincipal()
          Returns a java.security.Principal object containing the name of
the current authenticated user.

  public interface Principal
This interface represents the abstract notion of a principal, which can be
used to represent any entity, such as an individual, a corporation, and a
login id.



  See Also:
  X509Certificate

----- Original Message -----
From: "Michael Echerer" <mech@RZ.FH-Augsburg.DE>
To: <tomcat-user@jakarta.apache.org>
Sent: Monday, December 16, 2002 5:20 PM
Subject: Re: Retrieve User - Realm


> >
> > More specifically, he may be looking for:
> >
> > request.getUserPrincipal().getName(), which returns the
> > actual user name.
> >
> > I believe that request.getRemoteUser() only returns the
> > username if the
> > user is authenticated using BASIC authentication.
>
> Actually not true, although I don't say I got the whole difference between
Principal and RemoteUser in practical terms. What is it? ;-)
>
> request.getRemoteUser() also works with form based authentication as it
mimics basic auth.
> Have a look for tomcat's examples app under jsp/security/protected.
> Both methods show the same user name and it is also stored in the realm
like basic auth does as you can see if you have a look after login using the
examples' snoop.jsp.
>
>
>
>
>
>
> --
> To unsubscribe, e-mail:
<mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail:
<mailto:tomcat-user-help@jakarta.apache.org>
>
>


--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message