Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 58664 invoked from network); 2 May 2007 20:43:39 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 2 May 2007 20:43:39 -0000 Received: (qmail 26953 invoked by uid 500); 2 May 2007 20:43:33 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 26934 invoked by uid 500); 2 May 2007 20:43:33 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 26923 invoked by uid 99); 2 May 2007 20:43:33 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 02 May 2007 13:43:33 -0700 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received-SPF: neutral (herse.apache.org: local policy) Received: from [63.240.77.83] (HELO sccrmhc13.comcast.net) (63.240.77.83) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 02 May 2007 13:43:25 -0700 Received: from [192.168.1.47] (c-69-143-16-171.hsd1.va.comcast.net[69.143.16.171]) by comcast.net (sccrmhc13) with ESMTP id <20070502204303013003e0pje>; Wed, 2 May 2007 20:43:04 +0000 Message-ID: <4638F84E.8080108@christopherschultz.net> Date: Wed, 02 May 2007 16:45:02 -0400 From: Christopher Schultz User-Agent: Thunderbird 2.0.0.0 (Windows/20070326) MIME-Version: 1.0 To: Tomcat Users List Subject: Re: User-password from the HttpServletRequest References: <20070502165622.105190@gmx.net> <4638CB05.6060500@christopherschultz.net> <20070502183111.154120@gmx.net> In-Reply-To: <20070502183111.154120@gmx.net> X-Enigmail-Version: 0.95.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sam, sebbo@gmx.ch wrote: >> Do you mean during the login process, or after it has been done? > > I mean after the user has been logged in (form based login). > > Have you an example how I can receive the password from the > HttpServletRequest? Unless you are using some non-standard setup or user-tracking library of some kind, there is no way to get the user's password from the request (or anywhere else for that matter). Your application will need to take care of this capability itself. I'd like to point out that storing users' unencrypted passwords anywhere is probably not a good idea, though I must admit that I don't know what situation you are in. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGOPhN9CaO5/Lv0PARAhmgAJ9J/JwWYIfqXBcKRibC+cnVCpOWpACfTMU2 BCfrbvfSAVTvoBxP8peaxpw= =Dmyd -----END PGP SIGNATURE----- --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org