I think getRemoteUser() will only return a value if the Servlet is protected
by the HTTP Server's Authentication, or if an HTML file that Calls a Servlet
as an SSI is protected by the Server's authentication. At least that's been
my experience with it.
Jeff
-----Original Message-----
From: A mailing list for discussion about Sun Microsystem's JavaServlet
API Technology. [mailto:[EMAIL PROTECTED]]On Behalf Of
Weigen Jin
Sent: Wednesday, March 24, 1999 11:50 AM
To: [EMAIL PROTECTED]
Subject: Re: Registerd users can login
Cezar,
It seems that the getRemoteUser() always returns null. It is unable to get
the login userid from the NT system.
I have tested the SnoopServlet example included in jsdk2.0 and snoop.jsp
sample in gunjsp-0.9.8.
They both return null for userid.
I am using Apache web server 1.3.4, JServ 1.0b and jsdk2.0 and jdk1.1.6. on
Windows NT.
In Microsoft IIS / ASP, it is a simple line : userid =
Request.ServerVariables("REMOTE_USER")
to get the userid from NT system as user login.
Weigen
-----Original Message-----
From: Cezar Totth [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, March 24, 1999 5:32 AM
To: [EMAIL PROTECTED]
Subject: Re: Registerd users can login
Hi,
User authentication normally should be handled by servlet engine and/or
http browser. So your servlets need only to retrieve the remote
user name with a call like:
String userId = HttpServletRequest.getRemoteUser();
Without being concerned using your own cookies or url-rewriting..
Checking in all servlets that userId != null might be enough from
your side.
Bye,
Cezar
On Tue, 23 Mar 1999, Gabriel Wong wrote:
> Have you considered using an ACL?
>
> > Kenia Nimesh wrote:
> >
> > I have developed an application developed in Servlets.
> >
> > First the registered users have to login and then they can accordingly
> > see thier particular record.
> > I have used cookies(URL rewritting and hidden fields if cookies
> > disabled)
> >
> > In case cookies are disabled , I face a problem
> > The problem is that if the user directly gives the URL of a particular
> > page without the login , he can still view the pages that are meant
> > only for registered users .
> > Is there a way from which is a user directly gives a URL of a
> > particular file I can show him that you are not loged in .
> >
> > Thanks in advance
> >
> > Nimesh
>
>
___________________________________________________________________________
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the
body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
>
Cezar Totth email: [EMAIL PROTECTED]
Fax: (401) 220 33 95
Genesys Software Romania Phone: (401) 638 49 44
Stefan Furtuna 169, sect.6
cod 77171, Bucharest
Romania
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
