*
The moose likes Servlets and the fly likes getRemoteUser is always anonymous Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of The Java EE 7 Tutorial Volume 1 or Volume 2 this week in the Java EE forum
or jQuery UI in Action in the JavaScript forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "getRemoteUser is always anonymous" Watch "getRemoteUser is always anonymous" New topic
Author

getRemoteUser is always anonymous

Donna Dixon
Greenhorn

Joined: Apr 26, 2006
Posts: 2
Hello --

I have some legacy code that seems pretty simple, but for some reason I can't get it to get the username. The servlet resides on a Domino server. I'm using Netbeans to compile the code. I am able to get other information about the post, but not the request.getRemoteUser. It is always returning anonymous. I know that the user is connecting over HTTPS and is authenticated. Does anyone know what is missing?

Thanks,
Donna


import javax.servlet.*;
import javax.servlet.http.*;
import javax.servlet.ServletInputStream;
import java.io.*;
import java.util.*;
import java.util.Enumeration;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.oreilly.servlet.MultipartRequest;
import lotus.domino.*;

public class accept extends javax.servlet.http.HttpServlet {

private static final String REALM = "/servlet";
private static final String CONTENT_TYPE = "text/html";
private static final String DIRNAME = "c:/queues/in-http";
private static final String DBNAME = "in-http.nsf";
private static Session notesSession;
private static Database notesDb;


/**Initialize global variables*/
public void init(ServletConfig config) throws ServletException {
// public void init() throws ServletException {
super.init(config);
wmConnection.init();
}

private boolean isSecured(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
if (!request.getScheme().equalsIgnoreCase("https")) { // Force redirect to same URL via https.
System.out.println(request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + request.getRequestURI());
String url = new String (HttpUtils.getRequestURL(request));
response.setHeader("Location", "https" + url.substring(4) + "?" + request.getQueryString());
response.sendError(HttpServletResponse.SC_MOVED_TEMPORARILY);
System.out.println(request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + request.getRequestURI());
return false;

} else if (request.getRemoteUser() == null) { // Return request for basic authentication to browser.
response.setHeader("WWW-Authenticate", "Basic realm=\"" + REALM + "\"");
response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
System.out.println( request.getRemoteUser().toString() );
return false;

}
IT GETS HERE - SO MY USER IS AUTHENTICATED
System.out.println( request.getQueryString());
System.out.println( request.getContentType());
System.out.println( request.getContentLength());
System.out.println( request.getHeader("User-Agent"));
System.out.println(request.getMethod());
System.out.println( request.getRemoteUser()); //returns ANONYMOUS always
System.out.println(request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + request.getRequestURI());
System.out.println(request.getHeader("authorization") );

return true;
}

/**Process the HTTP Get request*/
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
if (isSecured(request, response)) {
response.setContentType(CONTENT_TYPE);
PrintWriter out = response.getWriter();
out.println("<HTML>");
out.println("</HTML>");
}
}
// public
//need to add a class that invoke my service

// if request.getQueryString()
// wmConnection urlTest = new wmConnection();
// }

private String createDocument(HttpServletRequest request, File f) throws NotesException {

Document doc = notesDb.createDocument();
doc.appendItemValue("REMOTE_ADDR", request.getRemoteAddr());
doc.appendItemValue("REMOTE_USER", request.getRemoteUser());
doc.appendItemValue("LOCAL_ADDR", request.getServerName());
doc.appendItemValue("PATH_INFO", f.getPath());
doc.appendItemValue("CONTENT_TYPE", request.getContentType());
doc.appendItemValue("CONTENT_LENGTH", request.getContentLength());
doc.appendItemValue("REQUEST_METHOD", request.getMethod());
doc.appendItemValue("REQUEST_PARAMETERS", request.getQueryString());
doc.appendItemValue("USER_AGENT", request.getHeader("User-Agent"));
Enumeration e = request.getHeaderNames();
Vector headers = new Vector();
while (e != null && e.hasMoreElements()) {
String name = (String)e.nextElement();
headers.addElement(name + ": " + request.getHeader(name));
}
doc.appendItemValue("HEADERS", headers);
//Calendar postEnd = Calendar.getInstance();
//doc.appendItemValue("DURATION", postEnd.getTime().getTime() - postStart.getTime().getTime());
DateTime timeNow = notesSession.createDateTime("Today");
timeNow.setNow();
doc.appendItemValue("SUBMITTED", timeNow);
doc.save();
String id = doc.getNoteID();
doc.recycle();
return id;
}

private File createTempFile(String dir) {
int counter = new Random().nextInt();
File f;
do {
f = new File(dir, "fil" + Integer.toString(counter & 0xffff) + ".tmp");
counter++;
} while (f.exists());
return f;
}

/**Process the HTTP Post request*/
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
if (isSecured(request, response)) {
PrintWriter out = response.getWriter();
response.setContentType("text/xml");
out.println("<?xml version=\"1.0\" standalone=\"yes\" ?>");
out.println("<accept>");
System.out.println( request.getQueryString());
System.out.println( request.getRemoteUser());
System.out.println( request.getQueryString());
System.out.println( request.getContentType());
System.out.println( request.getContentLength());
System.out.println( request.getHeader("User-Agent"));
System.out.println(request.getMethod());
System.out.println(request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + request.getRequestURI());
System.out.println(request.getHeader("authorization") );

marc weber
Sheriff

Joined: Aug 31, 2004
Posts: 11343

Originally posted by Donna Dixon:
...The servlet resides on a Domino server. I'm using Netbeans to compile the code. I am able to get other information about the post, but not the request.getRemoteUser. It is always returning anonymous...

My understanding (could be wrong) is that users connecting to a Domino server using anything other than a Lotus Notes client will be "anonymous." I believe this is to support access controls built into Domino databases (based on Notes User IDs).


"We're kind of on the level of crossword puzzle writers... And no one ever goes to them and gives them an award." ~Joe Strummer
sscce.org
marc weber
Sheriff

Joined: Aug 31, 2004
Posts: 11343

Originally posted by Donna Dixon:
...I know that the user is connecting over HTTPS and is authenticated...

Upon further digging, I'm thinking it's an authentication issue. See page 104 of this PDF...

http://www.redbooks.ibm.com/redbooks/pdfs/sg246213.pdf
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: getRemoteUser is always anonymous