Maybe you can use getRemoteUser, isUserInRole, getUserPrincipal etc.
from HttpServletRequest interface to find out who's logged on?
Once the user is authenticated, you'll always get its info from the
above and Tomcat will make sure that this guy is part of the correct
session. Does that answer your question?
Bojan
Ratnakar Palle wrote:
>
> I've a very basic question about IIS+Tomcat integration.
> I've to validate the user against the NT domain.
>
> When the request comes in, IIS validates the user against NT and forwards
> the request to Tomcat. After user gets validated, how does the Tomcat keep
> the user in session??
> I mean, how does the Tomcat make use of Servlet container session mechanism.
>
> Hope I was clear on my question..
>
> Any help or pointers would be of great help...
>
> Thanks in advance,
> -Ratnakar
