File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Servlets and the fly likes User Authentification with servlet Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "User Authentification with servlet" Watch "User Authentification with servlet" New topic
Author

User Authentification with servlet

heiner weilandt
Ranch Hand

Joined: Sep 10, 2002
Posts: 46
hi,
i want to authentificate users by a servlet. i have an html-login and the user/password as a parameter.
i know i can authentificate the user with http-request and headers, but i have to authentificate the user in this servlet.
how can i do this, that the "request.getRemoteUser()" is not null, but my registred user ?
is it possible to copy a sample-code ?
thanks for help
heiner
David O'Meara
Rancher

Joined: Mar 06, 2001
Posts: 13459

Authentication is covered fairly often in the Servlets forum, so I recommend a search first. You'll find threads like this one:
http://www.coderanch.com/t/355825/Servlets/java/Authentication-getRemoteUser
As I understand it, the difference is that you want the user to pass the credentials (ie username password) to a servlet and have the servlet log them into the servlet container's authentication method without using the usual mechanism.
Application servers usually supply a separate way to achieve this, but it different in each server and I'm not aware of any way to do it in Tomcat. I had a quick look a while ago but got nowhere.
From memory the class to use in WebSphere is SSOAuthenticator, no idea which package or jar it lives in, I'd have to go search.
Hope this helps.
Dave
heiner weilandt
Ranch Hand

Joined: Sep 10, 2002
Posts: 46
thanks for reply.
i'm using websphere 4 and i cannot find any class with "SSOAuthenticator". is it the same as "Authenticator" from the jdk ?

one separat question to workaround:
can i initiate the pop-up-authentification of the browser with an error code replying from the servlet or something else ?
thanks for help
heiner
David O'Meara
Rancher

Joined: Mar 06, 2001
Posts: 13459

Check this:
com.ibm.websphere.security.SSOAuthenticator
If you want to use the 'pop-up' authentication, you need to configure BASIC authentication. To set up a custom error page for failed authenication, you need to create an error page for the HTTP error codes 403 (unauthorised) or... um... is it 409? I can't remember
Does that help?
Dave
heiner weilandt
Ranch Hand

Joined: Sep 10, 2002
Posts: 46
yes, i found that class ! thanks. i'm trying.....
but:
i don't want to response an error, i want to response an code or something, that the browser comes up with the pop-up of a login-mask. is it possible to do this by an servlet, that is reachable by public users ?
heiner weilandt
Ranch Hand

Joined: Sep 10, 2002
Posts: 46
i'm trying this:

and this exception apears in line 2:
java.lang.NullPointerException

whats wrong ?
LTPA and SSO are enabled.
David O'Meara
Rancher

Joined: Mar 06, 2001
Posts: 13459

That's pretty much the same code I have.
The next big question is what version of WebSphere you are running.
We're probably getting to the point where we need to have this dicussion in the IBM/Websphere forum so that we can get some specific help.
I'll see about getting the thread moved there.
Dave
Michael Ernest
High Plains Drifter
Sheriff

Joined: Oct 25, 2000
Posts: 7292

On its way, DO'M
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: User Authentification with servlet