Problem retrieving domain\userid from HttpServletRequest object

Mon, 21 Jun 2010 10:56:17 -0700 

I am on what I hope is the last issue in trying to get authentication completed 
on the IIS-Tomcat integration.

I have the ISAPI filter loaded and appears to be working properly per the ISAPI 
log.  IIS is sending the NTLM authorization header with the encrypted 
domain\username and the ISAPI filter log shows the request info but I cannot 
pick it up from the HttpFilter class below in the ServletRequest parameter.

The HttpFilter class that my application uses (using the Tomcat ServletRequest 
object) to authenticate from the HttpServletRequest req as follows below does 
NOT contain the domain\username when I issue the getRemoteUser() or the 
getUserPrincipal.getName() methods because both come back as NULL:

public final void doFilter(final ServletRequest request, final ServletResponse 
response, final FilterChain chain) throws IOException, ServletException {
final HttpServletRequest req = (HttpServletRequest) request;
        final HttpServletResponse resp = (HttpServletResponse) response;

        String userID = req.getRemoteUser();
        String userID2 = req.getUserPrincipal.getName();

        try {
                execute(req, resp);
        } catch (FilterInterruptException e) {
                return;
        } catch (Exception e) {
                log.severe(new HttpRequestDebugger(req).toString());
                throw new ServletException(e);
        }

        chain.doFilter(request, response);

        this.afterChain(req, resp);
}

I am using version Apache Tomcat 6.0.18.

Any suggestions on how to get to this info within JAVA.  I cannot get to my 
TEST index.jsp page that just shows the value for the userid because I cannot 
get past this filter first and that is why I'm getting 401.2 errors back in my 
browser.

Thank you.

Melinda Savoy
Sr. Programmer Analyst, ERP Systems
Innovative Technology Solutions
Texas Health Resources
600 E. Lamar Blvd, Ste 301, Arlington TX  76011
[email protected]<mailto:[email protected]>

Texas Health Resources: Arlington Memorial,
Harris Methodist and Presbyterian Hospitals
A shared mission and now a shared name.





The information contained in this message and any attachments is intended only 
for the use of the individual or entity to which it is addressed, and may 
contain information that is PRIVILEGED, CONFIDENTIAL, and exempt from 
disclosure under applicable law.  If you are not the intended recipient, you 
are prohibited from copying, distributing, or using the information.  Please 
contact the sender immediately by return e-mail and delete the original message 
from your system.

Reply via email to