Hi, I am using form based authentication with WAS 4.0.3. My question is this....when a user access a protected resource the application takes the user to a login form indicated by the form-authentication login-page value and once the user enters his credentials and submits the page he gets back to the original page that was protected that he was accessing. I am using the j_security_check feature of Websphere itself. So I don't get a chance to do anything additional like storing his username in teh session. I am using LTPA authentication against Domino's LDAP. Is there anything that gets automatically stored in the session or as cookies from which I can retrieve the User name of the person who logged in??? Thanks , Jacob.
you can use getUserPrincipal() to obtain the user's principal, or simply getRemoteUser() to obtain user's name. That's standar API on HTTPServletRequest object, if you let Servlet container authenticate users for you, you can use these APIs to obtain user's info. Unless you want to use SAS API in WAS to programatically authenticate user, you don't have to worry about who/when/how user's info is set into the Session.
Certified Entperise Developer of Websphere