Why can't you just use request.getRemoteUser()? It provides the username the user logged in with whether it be from BASIC auth or form based auth.
--David Rapthor wrote: >Sorry, here's what I do: > >I have a web application and used Tomcat's Authentication mechanism called >JDBCRealm. I had to edit server.xml to do so (this is not really the details >I entered, it's just an example): > ><Realm className="org.apache.catalina.realm.JDBCRealm" >driverName="com.microsoft.jdbc.sqlserver.SQLServerDriver" >connectionURL="jdbc:microsoft:sqlserver://kebab.ucsd.edu:1433" >connectionName="CSE135_XX" connectionPassword="XXXXXXXX" >userTable="users" userNameCol="user_name" userCredCol="user_pass" >userRoleTable="user_roles" roleNameCol="role_name" /> > >Then I created the according tables: > >create table users >( > user_name varchar(15) not null primary key, > user_pass varchar(15) not null >); > >create table user_roles >( > user_name varchar(15) not null, > role_name varchar(15) not null, > primary key( user_name, role_name ) >); > >There is a user admin in the table "users" with "admin_role" (in the table >user_roles). There are other users with other names and other roles. > >The web.xml got these additional entries: > ><security-constraint> ><web-resource-collection> > <web-resource-name>SecurePages</web-resource-name> > <description>Security constraint /secure</description> > <url-pattern>/secure/*</url-pattern> ></web-resource-collection> ><auth-constraint> > <role-name>admin</role-name> > </auth-constraint> ></security-constraint> > ><login-config> > <auth-method>FORM</auth-method> > <form-login-config> > <form-login-page>/login.jsp</form-login-page> > <form-error-page>/loginerror.jsp</form-error-page> > </form-login-config> ></login-config> ><security-role> > <role-name>admin</role-name> ></security-role> > > >This is everything (or at least the most important things) I had to do to >configure everything. Now what I want to know is, which user is logged in at >a certain moment ... I want to know it when I create JSPs for example to >show the user's name (equal to the name in the users table). > >Do you know what I meant to achieve? I don't want to get the database's >user, which would be "CSE135_XX" in the above JDBCRealm example ... >-- >View this message in context: >http://www.nabble.com/Get-JDBCRealm%27s-current-user-t1341315.html#a3657607 >Sent from the Tomcat - User forum at Nabble.com. > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
