Re: Get Security subject from Tomcat
Christopher Schultz wrote: Arash, Arash Bizhan zadeh wrote: Sure [reading the servlet API] might help. Reading my mail would have helped too. I need the Subject not the principal. Ouch. You're gonna get the cold shoulder with that kind of snarkiness. Your original message said authenticated user in the body. A quick look through Tomcat's source code shows: $ grep SUBJECT_ATTR `find java/ -name *.java` java/org/apache/catalina/connector/Request.java: session.getAttribute(Globals.SUBJECT_ATTR) == null) { java/org/apache/catalina/connector/Request.java: session.setAttribute(Globals.SUBJECT_ATTR, subject); java/org/apache/catalina/security/SecurityUtil.java: (Subject)session.getAttribute(Globals.SUBJECT_ATTR); java/org/apache/catalina/security/SecurityUtil.java: session.setAttribute(Globals.SUBJECT_ATTR, subject); java/org/apache/catalina/session/StandardSession.java: Globals.SUBJECT_ATTR java/org/apache/catalina/Globals.java:public static final String SUBJECT_ATTR = Taking a quick look at these classes shows that this: getSession().getAttribute(Globals.SUBJECT_ATTR); should work. Of course, there's always a chance that the subject is null. In most cases in the code, when the Subject is null, a new Subject object is created with no arguments and thrown into the session under the Globals.SUBJECT_ATTR key. The logical questions that follow are: what is your login config, which Realm are you using and which type of Authenticator? p -chris - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Get Security subject from Tomcat
Pid wrote: Christopher Schultz wrote: Arash, Arash Bizhan zadeh wrote: Sure [reading the servlet API] might help. Reading my mail would have helped too. I need the Subject not the principal. Ouch. You're gonna get the cold shoulder with that kind of snarkiness. Your original message said authenticated user in the body. A quick look through Tomcat's source code shows: $ grep SUBJECT_ATTR `find java/ -name *.java` java/org/apache/catalina/connector/Request.java: session.getAttribute(Globals.SUBJECT_ATTR) == null) { java/org/apache/catalina/connector/Request.java: session.setAttribute(Globals.SUBJECT_ATTR, subject); java/org/apache/catalina/security/SecurityUtil.java: (Subject)session.getAttribute(Globals.SUBJECT_ATTR); java/org/apache/catalina/security/SecurityUtil.java: session.setAttribute(Globals.SUBJECT_ATTR, subject); java/org/apache/catalina/session/StandardSession.java: Globals.SUBJECT_ATTR java/org/apache/catalina/Globals.java:public static final String SUBJECT_ATTR = Taking a quick look at these classes shows that this: getSession().getAttribute(Globals.SUBJECT_ATTR); should work. Of course, there's always a chance that the subject is null. In most cases in the code, when the Subject is null, a new Subject object is created with no arguments and thrown into the session under the Globals.SUBJECT_ATTR key. The logical questions that follow are: what is your login config, which Realm are you using and which type of Authenticator? ignore: as my mail client has now downloaded the rest of the overnight mail. p -chris - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Get Security subject from Tomcat
Hi, Is there is was I can get the authenticated User from inside my servlet/filter? IT seems none of the assumed ways work : getSession().getAttribute(Globals.SUBJECT_ATTR); Subject.getSubject(AccessController.getContext()); Please reply directly, I am not subscribed. -thanks, -arash -- The dirtiest book of all is the expurgated book. Walt Whitman
RE: Get Security subject from Tomcat
From: Arash Bizhan zadeh [mailto:[EMAIL PROTECTED] Subject: Get Security subject from Tomcat Is there is was I can get the authenticated User from inside my servlet/filter? Perhaps reading the Servlet spec or the APIs would help: http://java.sun.com/products/servlet/2.5/docs/servlet-2_5-mr2/javax/servlet/http/HttpServletRequest.html#getUserPrincipal() Please reply directly, I am not subscribed. Then I guess you won't see the response... - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Get Security subject from Tomcat
On Wed, Nov 12, 2008 at 4:06 PM, Caldarale, Charles R [EMAIL PROTECTED] wrote: From: Arash Bizhan zadeh [mailto:[EMAIL PROTECTED] Subject: Get Security subject from Tomcat Is there is was I can get the authenticated User from inside my servlet/filter? Perhaps reading the Servlet spec or the APIs would help: http://java.sun.com/products/servlet/2.5/docs/servlet-2_5-mr2/javax/servlet/http/HttpServletRequest.html#getUserPrincipal()http://java.sun.com/products/servlet/2.5/docs/servlet-2_5-mr2/javax/servlet/http/HttpServletRequest.html#getUserPrincipal%28%29 Sure it might help. Reading my mail would have helped too. I need the Subject not the principal. Please reply directly, I am not subscribed. Then I guess you won't see the response... - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- The dirtiest book of all is the expurgated book. Walt Whitman
RE: Get Security subject from Tomcat
From: Arash Bizhan zadeh [mailto:[EMAIL PROTECTED] Subject: Re: Get Security subject from Tomcat Sure it might help. Reading my mail would have helped too. I need the Subject not the principal. O.k., I'm confused. If you're looking for the user name, then the java.security.Principal returned by getUserPrincipal() has a getName() method. If that's not what you mean by Subject, what is? - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Get Security subject from Tomcat
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Arash, Arash Bizhan zadeh wrote: Sure [reading the servlet API] might help. Reading my mail would have helped too. I need the Subject not the principal. Ouch. You're gonna get the cold shoulder with that kind of snarkiness. Your original message said authenticated user in the body. A quick look through Tomcat's source code shows: $ grep SUBJECT_ATTR `find java/ -name *.java` java/org/apache/catalina/connector/Request.java: session.getAttribute(Globals.SUBJECT_ATTR) == null) { java/org/apache/catalina/connector/Request.java: session.setAttribute(Globals.SUBJECT_ATTR, subject); java/org/apache/catalina/security/SecurityUtil.java: (Subject)session.getAttribute(Globals.SUBJECT_ATTR); java/org/apache/catalina/security/SecurityUtil.java: session.setAttribute(Globals.SUBJECT_ATTR, subject); java/org/apache/catalina/session/StandardSession.java: Globals.SUBJECT_ATTR java/org/apache/catalina/Globals.java:public static final String SUBJECT_ATTR = Taking a quick look at these classes shows that this: getSession().getAttribute(Globals.SUBJECT_ATTR); should work. Of course, there's always a chance that the subject is null. In most cases in the code, when the Subject is null, a new Subject object is created with no arguments and thrown into the session under the Globals.SUBJECT_ATTR key. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkkbWgUACgkQ9CaO5/Lv0PB7ywCfWsw8lOmT2rg85wddJ+n3C6xL PWsAn1KdKrcv+mErYjOjaNMAonGYE/yS =nnOG -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Get Security subject from Tomcat
On Wed, Nov 12, 2008 at 5:34 PM, Christopher Schultz [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Arash, Arash Bizhan zadeh wrote: Sure [reading the servlet API] might help. Reading my mail would have helped too. I need the Subject not the principal. Ouch. You're gonna get the cold shoulder with that kind of snarkiness. Your original message said authenticated user in the body. A quick look through Tomcat's source code shows: $ grep SUBJECT_ATTR `find java/ -name *.java` java/org/apache/catalina/connector/Request.java: session.getAttribute(Globals.SUBJECT_ATTR) == null) { java/org/apache/catalina/connector/Request.java: session.setAttribute(Globals.SUBJECT_ATTR, subject); java/org/apache/catalina/security/SecurityUtil.java: (Subject)session.getAttribute(Globals.SUBJECT_ATTR); java/org/apache/catalina/security/SecurityUtil.java: session.setAttribute(Globals.SUBJECT_ATTR, subject); java/org/apache/catalina/session/StandardSession.java: Globals.SUBJECT_ATTR java/org/apache/catalina/Globals.java:public static final String SUBJECT_ATTR = Taking a quick look at these classes shows that this: getSession().getAttribute(Globals.SUBJECT_ATTR); Tomcat 5.5.26, returns null as subject. I have security constraints on web.xml and developed a JAAS module to login, so I guess the subject is not null. Any suggestions? should work. Of course, there's always a chance that the subject is null. In most cases in the code, when the Subject is null, a new Subject object is created with no arguments and thrown into the session under the Globals.SUBJECT_ATTR key. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkkbWgUACgkQ9CaO5/Lv0PB7ywCfWsw8lOmT2rg85wddJ+n3C6xL PWsAn1KdKrcv+mErYjOjaNMAonGYE/yS =nnOG -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- The dirtiest book of all is the expurgated book. Walt Whitman
Re: Get Security subject from Tomcat
Arash Bizhan zadeh wrote: On Wed, Nov 12, 2008 at 4:06 PM, Caldarale, Charles R [EMAIL PROTECTED] wrote: From: Arash Bizhan zadeh [mailto:[EMAIL PROTECTED] Subject: Get Security subject from Tomcat Is there is was I can get the authenticated User from inside my servlet/filter? Perhaps reading the Servlet spec or the APIs would help: http://java.sun.com/products/servlet/2.5/docs/servlet-2_5-mr2/javax/servlet/http/HttpServletRequest.html#getUserPrincipal()http://java.sun.com/products/servlet/2.5/docs/servlet-2_5-mr2/javax/servlet/http/HttpServletRequest.html#getUserPrincipal%28%29 Sure it might help. Reading my mail would have helped too. I need the Subject not the principal. As much as some of us would sometimes enjoy someone being able to (figuratively) slap the Servlet Spec in Chuck's face, it being justified does not happen very often. Isn't what he indicated above, what you were requesting in the first place ? java.security.Principal principal = request.getUserPrincipal(); String userId = principal.getName(); - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]