NT user

Hi,

How can I obtain the NT username for the currently logged in user ?? would appreciate any examples a lot..

TIA,
sg
[ August 25, 2004: Message edited by: Bear Bibeault ]

The client or server-side user?

Hi All,

I have been trying to do this for a few days now. I could get in using ASP.
But with JSP it doesnt seems to work that easily. I think it has something to do with the Tomcat and IIS configuration. The configuration is quite something and not as easy as a b c.

I would like to know, if I may, that by configuring tomcat with IIS, is it possible to get the NT user name.

Thanks in advance!

I don't have NT but this works for me at the server-side in XP:
System.getProperty("user.name");
I suspect that if you want the user name at the client side you'll be sorely disappointed, unless maybe you use ActiveX.

Jules

Julian I think you will find that by using the System.getProperty(xxx) to get the username would work, but it will always get your username regardless of who is requesting the page.

However People, I found a code extract that would grab the users nt username,domain and remote machine name. I found the code, with some help from a colleague from another site. And, it works well on IE browsers.

You can paste this code in a servlet or in a jsp page and it work just.........fine!

String auth = request.getHeader("Authorization");
if (auth == null)
{
response.setStatus(response.SC_UNAUTHORIZED);
response.setHeader("WWW-Authenticate", "NTLM");
response.flushBuffer();
return;
}
if (auth.startsWith("NTLM "))
{
byte[] msg = new sun.misc.BASE64Decoder().decodeBuffer(auth.substring(5));
int off = 0, length, offset;
if (msg[8] == 1)
{
byte z = 0;
byte[] msg1 = {(byte)'N', (byte)'T', (byte)'L', (byte)'M', (byte)'S', (byte)'S', (byte)'P',
z,(byte)2, z, z, z, z, z, z, z,(byte)40, z, z, z,
(byte)1, (byte)130, z, z,z, (byte)2, (byte)2,
(byte)2, z, z, z, z, z, z, z, z, z, z, z, z};
response.setHeader("WWW-Authenticate", "NTLM " +
new sun.misc.BASE64Encoder().encodeBuffer(msg1));
response.sendError(response.SC_UNAUTHORIZED);
return;
}
else if (msg[8] == 3)
{
off = 30;

length = msg[off+17]*256 + msg[off+16];
offset = msg[off+19]*256 + msg[off+18];
String remoteHost = new String(msg, offset, length);

length = msg[off+1]*256 + msg[off];
offset = msg[off+3]*256 + msg[off+2];
String domain = new String(msg, offset, length);

length = msg[off+9]*256 + msg[off+8];
offset = msg[off+11]*256 + msg[off+10];
String username = new String(msg, offset, length);

out.println("Username:"+username+"<BR>");
out.println("RemoteHost:"+remoteHost+"<BR>");
out.println("Domain:"+domain+"<BR>");
}
}



Cheers, hope this helps

I suppose that's useful if you're using it on an intranet, but not a great idea for the Internet really.

I wouldn't be too happy if my browser is transmitting my login id and machine name across the network to all and sundry. I'll have to check that out.

Jules

I agree Jules.

I guess to grab this kind of information the correct way would be to configure IIS and Tomcat. I am going to give it a go.

Wish me luck.

Hi,

We are using Weblogic 8.1 and there is no question of using IIS and ASP to obtain the NT username.

I had already tried Bhavesh Ravjee�s suggestion except that it is very easy to hack. All the user has to do is change the security setting to High and then he can insert any username he wants.

I could also obtain the username using ActiveX but again this isnt very reliable because it would mean going to each machine and confirming that the IE security setting allows the ActiveX object to execute.

I am setting this up for an Intranet env but there still has to be a relia ble mechanism to obtain this info.

Thanks again,

System Architecture 101: If you want to integrate closely with Microsoft software, use Microsoft products. Trying to mix chalk and cheese where no open standards exist is guaranteed to give you a headache at some point down the line.

Here's a suggestion: how about implementing your login page in .Net and capturing the username through some proprietory attribute it's bound to have access to, then forward that in the request to your servlet as a parameter.

Jules

Try this link How to authenticate a Servlet App with Windows passwords?.

I hope this will help you.