tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gary Gwin <tom...@cafesoft.com>
Subject Re: Retrieve User - Realm
Date Mon, 16 Dec 2002 22:03:35 GMT
Michael,

Principal returns the object implementing the Principal interface, where 
request.getRemoteUser is a CGI compatibility call. I know there have 
been instances when getRemoteUser did not work as expected for me (I 
thought it was with BASIC authentication but that must not be the case). 
Hence, I believe that using the Principal object is the recommended way 
to go.

Gary

Michael Echerer wrote:

>>More specifically, he may be looking for:
>>
>>request.getUserPrincipal().getName(), which returns the 
>>actual user name.
>>
>>I believe that request.getRemoteUser() only returns the 
>>username if the 
>>user is authenticated using BASIC authentication.
>>    
>>
>
>Actually not true, although I don't say I got the whole difference between Principal and
RemoteUser in practical terms. What is it? ;-)
>
>request.getRemoteUser() also works with form based authentication as it mimics basic auth.
>Have a look for tomcat's examples app under jsp/security/protected. 
>Both methods show the same user name and it is also stored in the realm like basic auth
does as you can see if you have a look after login using the examples' snoop.jsp.
>
>
>
>
>
>
>--
>To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
>For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>
>
>  
>

-- 

Gary Gwin
http://www.cafesoft.com

*****************************************************************
*                                                               *
*   The Cafesoft Access Management System, Cams, is security    *
*   software that provides single sign-on authentication and    *
*   centralized access control for Apache, Tomcat, and custom   *
*   resources.                                                  *
*                                                               *
*****************************************************************



--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message