In my isapi.log I am getting the user value (indicated below in BOLD RED font)
from IIS using the Tomcat connector and my understanding from others on this
list is that I should be able to get at that user value by using the
HttpServletRequest getRemoteUser() however, I am getting a NULL value when
doing that. I'm sure I'm doing something stupid but I just can't see it.
Here is what is in my isapi.log:
[Thu May 27 09:11:21.706 2010] [4656:4920] [debug] jk_isapi_plugin.c (3108):
Service protocol=HTTP/1.1 method=GET host=127.0.0.1 addr=127.0.0.1
name=localhost port=80 auth=Negotiate user=TEXAS\SavoyM uri=/SCMIS/index.jsp
Here is the code I'm using in Java to get at the user value above:
public User authenticate(final HttpServletRequest request, final
HttpServletResponse response) throws IOException {
// Initialize the User object
User user = null;
// 1. Initiate the IIS authentication process.
final String auth_user = request.getRemoteUser();
final String auth_user2 = request.getUserPrincipal().getName();
// 2. Create a User object with the user name
if (auth_user != null)
user = new User(auth_user, "");
// 3. Check to see if the user is populated
if (auth_user == null)
throw new UnauthorizedException(response, user);
// 4. Perform authentication if user not already authenticated
if (SecurityContext.getUser(request) == null) {
// a. Verify the user credentials
if (!manager.verify(user))
return null;
// b. Load the application-managed User object and save
into the context
user = manager.load(user);
SecurityContext.setUser(user, request);
return user;
}
return SecurityContext.getUser(request);
}
As you can see I've also tried to get to the user by using the
getUserPrincipal.getName() but that produces a NPE.
Any help or direction from someone who knows Java would be greatly appreciated.
Thank you.
Melinda Savoy
Sr. Programmer Analyst, ERP Systems
Innovative Technology Solutions
Texas Health Resources
600 E. Lamar Blvd, Ste 301, Arlington TX 76011
melindasa...@texashealth.org<mailto:melindasa...@texashealth.org>
Texas Health Resources: Arlington Memorial,
Harris Methodist and Presbyterian Hospitals
A shared mission and now a shared name.
The information contained in this message and any attachments is intended only
for the use of the individual or entity to which it is addressed, and may
contain information that is PRIVILEGED, CONFIDENTIAL, and exempt from
disclosure under applicable law. If you are not the intended recipient, you
are prohibited from copying, distributing, or using the information. Please
contact the sender immediately by return e-mail and delete the original message
from your system.
