• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Obtaining client user id in Tomcat via Http

 
Aj Chawla
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I need to implement SSO for a java based (JSP, struts) web application.
Iam using Tomcat as web server deployed on Windows 2003 server.

I plan to the above in follwing steps -
1. Obtain logged user information via http request.
2. Check with ADS if the user exists in the priviliged user group.
3. If I get Yes in above step then create a session and show the home page.
4. if I get No in step 2, then I show a login page and validate user through db.

Now, Iam able to perform steps 2 and beyond but only problem left is step 1. I dont know how to get the client side logged user information via Http Request.

Would appreciate suggestions on this. Also would be happy to discuss if there is any other approach on achieving SSO.

Thanks
-Aj
 
Ulf Dittmer
Rancher
Pie
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
HttpServletRequest has the isUserInRole, getRemoteUser and getUserPrincipal methods, which tell you about the remote user if you're using web app security.

I don't see anything in your approach that does SSO, though - it looks like a login process to just a single web app.
 
Aryan Khan
Ranch Hand
Posts: 290
Java Oracle Tomcat Server
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
If you are using tomcat, it provides a SSO valve Valve.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic