Win a copy of Spring Boot in Practice this week in the Spring forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • Ron McLeod
  • Jeanne Boyarsky
  • Paul Clapham
Sheriffs:
  • Liutauras Vilda
  • Henry Wong
  • Devaka Cooray
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Al Hobbs
  • Carey Brown
Bartenders:
  • Piet Souris
  • Mikalai Zaikin
  • Himai Minh

Question on form based authentication

 
Ranch Hand
Posts: 30
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,
I am using form based authentication with WAS 4.0.3. My question is this....when a user access a protected resource the application takes the user to a login form indicated by the form-authentication login-page value and once the user enters his credentials and submits the page he gets back to the original page that was protected that he was accessing. I am using the j_security_check feature of Websphere itself. So I don't get a chance to do anything additional like storing his username in teh session. I am using LTPA authentication against Domino's LDAP. Is there anything that gets automatically stored in the session or as cookies from which I can retrieve the User name of the person who logged in???
Thanks ,
Jacob.
 
Ranch Hand
Posts: 217
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
you can use getUserPrincipal() to obtain the user's principal, or simply getRemoteUser() to obtain user's name.
That's standar API on HTTPServletRequest object, if you let Servlet container authenticate users for you, you can use these APIs to obtain user's info.
Unless you want to use SAS API in WAS to programatically authenticate user, you don't have to worry about who/when/how user's info is set into the Session.
 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic