Return-Path: Delivered-To: apmail-jakarta-tomcat-user-archive@www.apache.org Received: (qmail 66537 invoked from network); 4 Jun 2005 18:55:45 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 4 Jun 2005 18:55:45 -0000 Received: (qmail 25246 invoked by uid 500); 4 Jun 2005 18:55:30 -0000 Delivered-To: apmail-jakarta-tomcat-user-archive@jakarta.apache.org Received: (qmail 25232 invoked by uid 500); 4 Jun 2005 18:55:30 -0000 Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Help: List-Post: List-Id: "Tomcat Users List" Reply-To: "Tomcat Users List" Delivered-To: mailing list tomcat-user@jakarta.apache.org Received: (qmail 25214 invoked by uid 99); 4 Jun 2005 18:55:30 -0000 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_HELO_PASS,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (hermes.apache.org: domain of jak-tomcat-user@m.gmane.org designates 80.91.229.2 as permitted sender) Received: from main.gmane.org (HELO ciao.gmane.org) (80.91.229.2) by apache.org (qpsmtpd/0.28) with ESMTP; Sat, 04 Jun 2005 11:55:28 -0700 Received: from list by ciao.gmane.org with local (Exim 4.43) id 1Dedjr-00067k-Uq for tomcat-user@jakarta.apache.org; Sat, 04 Jun 2005 20:51:19 +0200 Received: from digbyk.plus.com ([81.174.129.211]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sat, 04 Jun 2005 20:51:19 +0200 Received: from lists by digbyk.plus.com with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sat, 04 Jun 2005 20:51:19 +0200 X-Injected-Via-Gmane: http://gmane.org/ To: tomcat-user@jakarta.apache.org From: Digby Subject: Re: How to get user's password from tomcat Date: Sat, 04 Jun 2005 19:53:18 +0100 Lines: 34 Message-ID: References: <004501c567f3$8e5fbd00$4301a8c0@speedlegal.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Complaints-To: usenet@sea.gmane.org X-Gmane-NNTP-Posting-Host: digbyk.plus.com User-Agent: Mozilla Thunderbird 1.0.2 (Windows/20050317) X-Accept-Language: en-us, en In-Reply-To: Sender: news X-Virus-Checked: Checked X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N I'm not sure you're supposed to be able to get it. Also, what would you expect to get if the password was hashed? Can you not just read the password from the database / ldap source? Digby Larry Meadors wrote: > The principle may contain it, but you would have to get it via > reflection or cast it to it's original type to see it. > > Larry > > > On 6/2/05, Jo wrote: > >>Hi all, >> >>Once Tomcat has authenticated a login, we can get the the authenticated >>user's name from the request's getRemoteUser() or getUserPrincipal() >>methods. >>Is there a way to get the user's password when the authentication type is >>form-based or single-sign-on ? >> >>Thanks a lot. >>Jo.- >> >> >>--------------------------------------------------------------------- >>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org >>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org >> >> --------------------------------------------------------------------- To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org For additional commands, e-mail: tomcat-user-help@jakarta.apache.org