This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
And questions regarding what is returned by the service being null. The usual response is that the web.xml file has to be configured to handle security. My question is this: I don't care about security and authentication, is there a way I can have the service identify what client made the request? Specifically, I make a request to the server via a client and have the Web service determine the userID of the client. I'm trying to get the service to display something like "userID <userIdName> made a request to service <serviceName> from <IPAddress>." No authentication is needed, just information displayed from the service.
The IP address can be obtained from the HttpServletRequest, I believe. This will not be available if the web service is EJB-based.
Standard Java EE security will not supply the name of a user, but only that of the principal and the client needs to present credentials in order for the principal to be set.
There is, as far as I know, no mechanism in HTTP that enclose a user id with every request.