• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

NT user

 
gaucho sands
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

How can I obtain the NT username for the currently logged in user ?? would appreciate any examples a lot..

TIA,
sg
[ August 25, 2004: Message edited by: Bear Bibeault ]
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 64623
86
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The client or server-side user?
 
Bhavesh Ravjee
Greenhorn
Posts: 11
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,

I have been trying to do this for a few days now. I could get in using ASP.
But with JSP it doesnt seems to work that easily. I think it has something to do with the Tomcat and IIS configuration. The configuration is quite something and not as easy as a b c.

I would like to know, if I may, that by configuring tomcat with IIS, is it possible to get the NT user name.

Thanks in advance!
 
Julian Kennedy
Ranch Hand
Posts: 823
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I don't have NT but this works for me at the server-side in XP:

I suspect that if you want the user name at the client side you'll be sorely disappointed, unless maybe you use ActiveX.

Jules
 
Bhavesh Ravjee
Greenhorn
Posts: 11
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Julian I think you will find that by using the System.getProperty(xxx) to get the username would work, but it will always get your username regardless of who is requesting the page.

However People, I found a code extract that would grab the users nt username,domain and remote machine name. I found the code, with some help from a colleague from another site. And, it works well on IE browsers.

You can paste this code in a servlet or in a jsp page and it work just.........fine!

String auth = request.getHeader("Authorization");
if (auth == null)
{
response.setStatus(response.SC_UNAUTHORIZED);
response.setHeader("WWW-Authenticate", "NTLM");
response.flushBuffer();
return;
}
if (auth.startsWith("NTLM "))
{
byte[] msg = new sun.misc.BASE64Decoder().decodeBuffer(auth.substring(5));
int off = 0, length, offset;
if (msg[8] == 1)
{
byte z = 0;
byte[] msg1 = {(byte)'N', (byte)'T', (byte)'L', (byte)'M', (byte)'S', (byte)'S', (byte)'P',
z,(byte)2, z, z, z, z, z, z, z,(byte)40, z, z, z,
(byte)1, (byte)130, z, z,z, (byte)2, (byte)2,
(byte)2, z, z, z, z, z, z, z, z, z, z, z, z};
response.setHeader("WWW-Authenticate", "NTLM " +
new sun.misc.BASE64Encoder().encodeBuffer(msg1));
response.sendError(response.SC_UNAUTHORIZED);
return;
}
else if (msg[8] == 3)
{
off = 30;

length = msg[off+17]*256 + msg[off+16];
offset = msg[off+19]*256 + msg[off+18];
String remoteHost = new String(msg, offset, length);

length = msg[off+1]*256 + msg[off];
offset = msg[off+3]*256 + msg[off+2];
String domain = new String(msg, offset, length);

length = msg[off+9]*256 + msg[off+8];
offset = msg[off+11]*256 + msg[off+10];
String username = new String(msg, offset, length);

out.println("Username:"+username+"<BR>");
out.println("RemoteHost:"+remoteHost+"<BR>");
out.println("Domain:"+domain+"<BR>");
}
}



Cheers, hope this helps
 
Julian Kennedy
Ranch Hand
Posts: 823
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I suppose that's useful if you're using it on an intranet, but not a great idea for the Internet really.

I wouldn't be too happy if my browser is transmitting my login id and machine name across the network to all and sundry. I'll have to check that out.

Jules
 
Bhavesh Ravjee
Greenhorn
Posts: 11
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I agree Jules.

I guess to grab this kind of information the correct way would be to configure IIS and Tomcat. I am going to give it a go.

Wish me luck.
 
gaucho sands
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

We are using Weblogic 8.1 and there is no question of using IIS and ASP to obtain the NT username.

I had already tried Bhavesh Ravjeeļæ½s suggestion except that it is very easy to hack. All the user has to do is change the security setting to High and then he can insert any username he wants.

I could also obtain the username using ActiveX but again this isnt very reliable because it would mean going to each machine and confirming that the IE security setting allows the ActiveX object to execute.

I am setting this up for an Intranet env but there still has to be a relia ble mechanism to obtain this info.

Thanks again,
 
Julian Kennedy
Ranch Hand
Posts: 823
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
System Architecture 101: If you want to integrate closely with Microsoft software, use Microsoft products. Trying to mix chalk and cheese where no open standards exist is guaranteed to give you a headache at some point down the line.

Here's a suggestion: how about implementing your login page in .Net and capturing the username through some proprietory attribute it's bound to have access to, then forward that in the request to your servlet as a parameter.

Jules
 
Baps Vakkalagadda
Ranch Hand
Posts: 47
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Try this link How to authenticate a Servlet App with Windows passwords?.

I hope this will help you.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic