aspose file tools*
The moose likes Java in General and the fly likes The HttpServletRequest.getRemoteUser() method. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Java in General
Bookmark "The HttpServletRequest.getRemoteUser() method." Watch "The HttpServletRequest.getRemoteUser() method." New topic
Author

The HttpServletRequest.getRemoteUser() method.

marwen Bakkar
Ranch Hand

Joined: Jan 28, 2010
Posts: 84
Hello,

I don't understand the logic of this method. At what point the object returned by this method had it's value set? By whom and how?

If I am meant myself to assing a value to it in say, some login servlet, what good is this method?

I feel like I am completely missing something.
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61224
    
  66

If you are using container-based authentication, this method returns the username making the request. Otherwise, it's not useful.


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
marwen Bakkar
Ranch Hand

Joined: Jan 28, 2010
Posts: 84
hmm I think I got confused. I thought the user that this method is about is the user of the site.. apperently it's something else.

Anyway, what I want is to learn is how to deal with user authentication. Once a user sends his credentials in a POST method, and those credentials match an entry in the data base, how do I know that this is a known user (an authenticated user) from then on? Do I need to set his username as an attribute in the request's HttpSession? How does it work?
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61224
    
  66

Are you talking about container-managed authentication, or are you rolling your own?
marwen Bakkar
Ranch Hand

Joined: Jan 28, 2010
Posts: 84
I am a newbie in this, you are warned.

What's container-managed authentication?

I am making a site where people will play chess in. I use lobby system via Java Web Start. When a user clicks the launch button, the lobby needs to know what player entered, thus, the user needs to be authentificated. What do I need here to store my users?

Also, for whatever authentification solution adopted, once a user is authetificated and clicks to enter the lobby, how do I pass his username as an argument to the JWS application?

Thanks.
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61224
    
  66

Moved to the JNLP forum.
Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18570
    
    8

marwen Bakkar wrote:I am a newbie in this, you are warned.

What's container-managed authentication?

I am making a site where people will play chess in. I use lobby system via Java Web Start. When a user clicks the launch button, the lobby needs to know what player entered, thus, the user needs to be authentificated. What do I need here to store my users?

Also, for whatever authentification solution adopted, once a user is authetificated and clicks to enter the lobby, how do I pass his username as an argument to the JWS application?

Thanks.

Okay, let's see if I can guess what you are asking about here.

My guess: you have an application which is distributed by Java Web Start. You also have a server which is doing something or other. Your JWS application accepts the authentication information from the user by allowing them to key it into text fields. Then it sends a request to the server for authentication.

But no... you seem to be asking how to pass a user name from the server to the JWS application. Whose user name would that be then? I'm confused. And you certainly wouldn't pass it as an argument of the JWS application, at least not one of the arguments of its static main method. The application is already running so that method was already called long ago.

I'm also guessing this "lobby" thing is on the server. If that's the case, and if as it appears from your original question that it's a servlet-based application, you would store information about the application (such as a list of users online) in the servlet context.

My final guess: there are cases where User A needs to know of the existence of User B. In that case you're writing something like a chat application with a server. The fact that the application happens to be distributed by JWS is irrelevant there. Just write the chat application in the usual way.
marwen Bakkar
Ranch Hand

Joined: Jan 28, 2010
Posts: 84
Paul Clapham thank you for your comment. As I already said I am a beginner so I myself am a bit confused since I don't know what is doable and what is not. I am still searching for solutions. Now to describe what I have in mind , please take a look at the screenshots below , those screenshots are taken from a site with a lobby system that provides matchmaking service for a multiplayer game, those screenshots describe exactly what I want to achieve.








First, you can see me logged in the site, then when I enter the lobby it's passed my nickname to display me as an occupant of the room.

This is written in C++. I am trying to do the same but the "lounge" (or lobby) will be a JWS application.

Now my questions :

1) How user authentification is usually delt with? Once a user successfully logs in, is his username stored as an attribute in it's HttpSession? How does it work?

2) Once a user is logged in, and I have a way to retrive his username, how do I pass it to the lobby when he launchs the JWS and enters the lobby?

Thanks.
Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18570
    
    8

Okay. So I'm still confused. The lobby is a JWS application? Then it doesn't have an HttpSession because it isn't a web application. It might be a client of one, though.

At any rate none of that is specific to JWS. You are proposing a Java application (which happens to be distributed via JWS, but that's just an implementation detail). Perhaps you're proposing a server -- I don't see how you could do that without a server, but you don't seem to identify the requirement -- but that too isn't anything to do with JWS. So let me move this to the Java in General forum where there are a lot of people who can give general Java advice. Which is what you need now, I think.
marwen Bakkar
Ranch Hand

Joined: Jan 28, 2010
Posts: 84
Sure I have a server, and yes the lobby is a JWS application. The thing is that the JWS and the web site must share the same account. The questions now are how do I deal with users authentifications on the webstite (eg. Do I attach their nickname to the HttpSession once their input matches a database entry)? and how do I pass that nickname to the JWS? I hope that's clear.
Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18570
    
    8

marwen Bakkar wrote:The thing is that the JWS and the web site must share the same account.


I have no idea what that is supposed to mean. If you plan to have more than one client for the web site then it sounds extremely confusing... would all the clients have to have the same account, or what?

Anyway the answer to all your other questions is that you pass data back and forth between client and server via HTTP requests.
 
wood burning stoves
 
subject: The HttpServletRequest.getRemoteUser() method.