aspose file tools
The moose likes Servlets and the fly likes Modifying a request using a Servlet Filter Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login


Win a copy of The Mikado Method this week in the Agile and other Processes forum!
JavaRanch » Java Forums » Java » Servlets
Reply Bookmark "Modifying a request using a Servlet Filter" Watch "Modifying a request using a Servlet Filter" New topic
Author

Modifying a request using a Servlet Filter

Abid Sami
Greenhorn

Joined: Jul 25, 2005
Posts: 22
posted
0
Quote
Hi,
I am trying to experiment with servlet filters. I have written a simple form based authentication in WSAD 5.0 that posts the j_securitycheck action . I have a scenario where the user is already in session. How do I get the user session information (I want the UserID) so that I can append (modify) it to the request header of a request when I invoke an application that needs the userid. What kind of a servlet filter do I use to modify the request? I believe I need to put a HttpRequestWrapper around the original request and use methods such as getRemoteUser to supply the user from the filter. But I am not sure. Thanks

Abid Sami<br />SCJP,SCWCD
Abid Sami
Greenhorn

Joined: Jul 25, 2005
Posts: 22
posted
0
Quote
Specifically I need to get the userId that had been posted from the j_security check action by the form based login (WSAD 5.0). Once I get the username from the session I need to "append" it to the request for an application which is a Servlet. But I am not able to get good examples how to do that especially on request wrappers.(are they any links?) I have got the basic logic down here but can you help me fine tune it.


In the domethod () I suppose I have to do this
RequestDispatcher rd = hrequest.getRequestDispatcher(�HS�); //HS is mapped to handle servlet where I the request need to go

hresponse.setHeader("SAMLAuthenticationMethod", "password");

PrincipalWrapper wrapper = new PrincipalWrapper(hrequest, new PrincipalImpl("user name here");

rd.forward(wrapper, hresponse);



Then I guess I can obtain the authenticated user from REMOTE_USER request header in handle servlet.

I guess I need to import java.security.Principal & sun.security.acl.PrincipalImpl;



/**

* <code>HttpServletRequest</code> wrapper class. Returns a locally specified principal.

*/

private class PrincipalWrapper extends HttpServletRequestWrapper {



private Principal principal;



private PrincipalWrapper(HttpServletRequest request, Principal principal) {

super(request);

this.principal = principal;

}



/**

* @see javax.servlet.http.HttpServletRequest#getRemoteUser()

*/

public String getRemoteUser() {

return principal.getName();

}



/**

* @see javax.servlet.http.HttpServletRequest#getUserPrincipal()

*/

public Principal getUserPrincipal() {

return principal;

}

}
 
I agree. Here's the link: http://ej-technologies/jprofiler - if it wasn't for jprofiler, we would need to run our stuff on 16 servers instead of 3.
 
subject: Modifying a request using a Servlet Filter
 
Similar Threads
dynamic forward to different pages from ActionClass
Session Security
Session is lost in new browser window.
session expire exception
Servlet Filters - A couple of questions