Gabe Wong wrote:
>
> I believe as the user is already authenticated via IIS, the authenticate
> method is not called in this situation.
> So you may try overriding:
> protected Principal getPrincipal(String username)
>
Gabe,<br/><br/>
Thanks for sticking with this. I did try getPrincipal as well and it
doesn't look like that is being called either. It seems that the only
method that is getting called is hasRole. I guess the question is how could
I manipulate the login name there? If I use getName on the Principal that
is passed in, it returns my NTLM login name. I can manipulate the name, but
then how could I appropriately call super.hasRoles since GenericPrincipal
requires a password.<br/><br/>
Here is the code:
public boolean hasRole(Principal principal, String roleName)
{
System.out.println("Starting hasRole");
System.out.println("Principal name: " + principal.getName());
int slash = principal.getName().indexOf('\\');
String newUser = slash > 0 ? principal.getName().substring(slash+1) :
principal.getName();
System.out.println("New user is: " + newUser);
System.out.println("Checking for role name: " + roleName);
// need to create a new Principal here, I think
boolean userHasRole = super.hasRole(newPrincipal, roleName);
System.out.println("User has role: " + userHasRole);
return userHasRole;
}
Thanks,
Eric
--
View this message in context:
http://www.nabble.com/Question-about-Tomcat-IIS-and-NTLM-authentication-tp14997483p15033183.html
Sent from the Tomcat - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To start a new topic, e-mail: [email protected]
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
