File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes JSP and the fly likes NT user Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "NT user " Watch "NT user " New topic
Author

NT user

gaucho sands
Greenhorn

Joined: Aug 03, 2004
Posts: 6
Hi,

How can I obtain the NT username for the currently logged in user ?? would appreciate any examples a lot..

TIA,
sg
[ August 25, 2004: Message edited by: Bear Bibeault ]
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 60041
    
  65

The client or server-side user?


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
Bhavesh Ravjee
Greenhorn

Joined: Jun 15, 2004
Posts: 11
Hi All,

I have been trying to do this for a few days now. I could get in using ASP.
But with JSP it doesnt seems to work that easily. I think it has something to do with the Tomcat and IIS configuration. The configuration is quite something and not as easy as a b c.

I would like to know, if I may, that by configuring tomcat with IIS, is it possible to get the NT user name.

Thanks in advance!


With great power comes great responsibility!
Julian Kennedy
Ranch Hand

Joined: Aug 02, 2004
Posts: 823
I don't have NT but this works for me at the server-side in XP:

I suspect that if you want the user name at the client side you'll be sorely disappointed, unless maybe you use ActiveX.

Jules
Bhavesh Ravjee
Greenhorn

Joined: Jun 15, 2004
Posts: 11
Julian I think you will find that by using the System.getProperty(xxx) to get the username would work, but it will always get your username regardless of who is requesting the page.

However People, I found a code extract that would grab the users nt username,domain and remote machine name. I found the code, with some help from a colleague from another site. And, it works well on IE browsers.

You can paste this code in a servlet or in a jsp page and it work just.........fine!

String auth = request.getHeader("Authorization");
if (auth == null)
{
response.setStatus(response.SC_UNAUTHORIZED);
response.setHeader("WWW-Authenticate", "NTLM");
response.flushBuffer();
return;
}
if (auth.startsWith("NTLM "))
{
byte[] msg = new sun.misc.BASE64Decoder().decodeBuffer(auth.substring(5));
int off = 0, length, offset;
if (msg[8] == 1)
{
byte z = 0;
byte[] msg1 = {(byte)'N', (byte)'T', (byte)'L', (byte)'M', (byte)'S', (byte)'S', (byte)'P',
z,(byte)2, z, z, z, z, z, z, z,(byte)40, z, z, z,
(byte)1, (byte)130, z, z,z, (byte)2, (byte)2,
(byte)2, z, z, z, z, z, z, z, z, z, z, z, z};
response.setHeader("WWW-Authenticate", "NTLM " +
new sun.misc.BASE64Encoder().encodeBuffer(msg1));
response.sendError(response.SC_UNAUTHORIZED);
return;
}
else if (msg[8] == 3)
{
off = 30;

length = msg[off+17]*256 + msg[off+16];
offset = msg[off+19]*256 + msg[off+18];
String remoteHost = new String(msg, offset, length);

length = msg[off+1]*256 + msg[off];
offset = msg[off+3]*256 + msg[off+2];
String domain = new String(msg, offset, length);

length = msg[off+9]*256 + msg[off+8];
offset = msg[off+11]*256 + msg[off+10];
String username = new String(msg, offset, length);

out.println("Username:"+username+"<BR>");
out.println("RemoteHost:"+remoteHost+"<BR>");
out.println("Domain:"+domain+"<BR>");
}
}



Cheers, hope this helps
Julian Kennedy
Ranch Hand

Joined: Aug 02, 2004
Posts: 823
I suppose that's useful if you're using it on an intranet, but not a great idea for the Internet really.

I wouldn't be too happy if my browser is transmitting my login id and machine name across the network to all and sundry. I'll have to check that out.

Jules
Bhavesh Ravjee
Greenhorn

Joined: Jun 15, 2004
Posts: 11
I agree Jules.

I guess to grab this kind of information the correct way would be to configure IIS and Tomcat. I am going to give it a go.

Wish me luck.
gaucho sands
Greenhorn

Joined: Aug 03, 2004
Posts: 6
Hi,

We are using Weblogic 8.1 and there is no question of using IIS and ASP to obtain the NT username.

I had already tried Bhavesh Ravjeeļæ½s suggestion except that it is very easy to hack. All the user has to do is change the security setting to High and then he can insert any username he wants.

I could also obtain the username using ActiveX but again this isnt very reliable because it would mean going to each machine and confirming that the IE security setting allows the ActiveX object to execute.

I am setting this up for an Intranet env but there still has to be a relia ble mechanism to obtain this info.

Thanks again,
Julian Kennedy
Ranch Hand

Joined: Aug 02, 2004
Posts: 823
System Architecture 101: If you want to integrate closely with Microsoft software, use Microsoft products. Trying to mix chalk and cheese where no open standards exist is guaranteed to give you a headache at some point down the line.

Here's a suggestion: how about implementing your login page in .Net and capturing the username through some proprietory attribute it's bound to have access to, then forward that in the request to your servlet as a parameter.

Jules
Baps Vakkalagadda
Ranch Hand

Joined: May 25, 2004
Posts: 47
Try this link How to authenticate a Servlet App with Windows passwords?.

I hope this will help you.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: NT user
 
Similar Threads
Change NT Passwords from Java
NT-Authentication on WebLogic
Is there any hub website listing JDBC drivers for popular databases?
Running JBoss as windows service
NT Authentication in JSP