• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Bear Bibeault
  • Ron McLeod
  • Jeanne Boyarsky
  • Paul Clapham
Sheriffs:
  • Tim Cooke
  • Liutauras Vilda
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • fred rosenberger
  • salvin francis
Bartenders:
  • Piet Souris
  • Frits Walraven
  • Carey Brown

Modifying a request using a Servlet Filter

 
Greenhorn
Posts: 22
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
I am trying to experiment with servlet filters. I have written a simple form based authentication in WSAD 5.0 that posts the j_securitycheck action . I have a scenario where the user is already in session. How do I get the user session information (I want the UserID) so that I can append (modify) it to the request header of a request when I invoke an application that needs the userid. What kind of a servlet filter do I use to modify the request? I believe I need to put a HttpRequestWrapper around the original request and use methods such as getRemoteUser to supply the user from the filter. But I am not sure. Thanks
 
Abid Sami
Greenhorn
Posts: 22
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Specifically I need to get the userId that had been posted from the j_security check action by the form based login (WSAD 5.0). Once I get the username from the session I need to "append" it to the request for an application which is a Servlet. But I am not able to get good examples how to do that especially on request wrappers.(are they any links?) I have got the basic logic down here but can you help me fine tune it.


In the domethod () I suppose I have to do this
RequestDispatcher rd = hrequest.getRequestDispatcher(�HS�); //HS is mapped to handle servlet where I the request need to go

hresponse.setHeader("SAMLAuthenticationMethod", "password");

PrincipalWrapper wrapper = new PrincipalWrapper(hrequest, new PrincipalImpl("user name here");

rd.forward(wrapper, hresponse);



Then I guess I can obtain the authenticated user from REMOTE_USER request header in handle servlet.

I guess I need to import java.security.Principal & sun.security.acl.PrincipalImpl;



/**

* <code>HttpServletRequest</code> wrapper class. Returns a locally specified principal.

*/

private class PrincipalWrapper extends HttpServletRequestWrapper {



private Principal principal;



private PrincipalWrapper(HttpServletRequest request, Principal principal) {

super(request);

this.principal = principal;

}



/**

* @see javax.servlet.http.HttpServletRequest#getRemoteUser()

*/

public String getRemoteUser() {

return principal.getName();

}



/**

* @see javax.servlet.http.HttpServletRequest#getUserPrincipal()

*/

public Principal getUserPrincipal() {

return principal;

}

}
 
    Bookmark Topic Watch Topic
  • New Topic