Hi All, When a person logs into webapplication , the user will be providing his credentials. At the later point of time we can get the user name from the principle which is there in Http request object. How come the user name gets populated in the principle, does the J2EE specification adderss any guideline so that the user name gets populated in the principle or is it an appserver specific configuration. If at all this is a app server specific can anybody tell how to do that in WebSphere? Thanks a lot, Surya.
"vydeek", One more thing... Welcome to JavaRanch. We don't have many rules here, but one that we do have is a naming policy. Please edit your display name to comply with this policy. Thanks in advance and we look forward to seeing you around the Ranch.
"sudhakar", sorry, your diplay name is still not valid. We require display names to be two words: your first name, a space, then your last name. Fictitious names are not allowed. You can edit your display name here. thanks, Dave.
The behaviour is partly defined in the spec and partly up to each app server. If you configure secured areas with user and role mappings, you create a login page and plug that into the app server so that the server knows how to get the user name and password. You can also plug into this programatically, but the way this happens is different in each server. In WebSphere you'll need to look at the class SSOAuthenticator. If you search the WebSphere forum for this class you should be able to find more information. It is worth doing a search, since there is some very strange behaviour in WebSphere concerning authentication. Dave