-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
André,
On 2/20/13 4:20 PM, André Warnier wrote:
> In relation to a couple of recent posts, I have a naive question :
>
> In a servlet, to retrieve the authenticated user-id (if any), I
> use
>
> String userName = request.getRemoteUser();
>
> Now, suppose I wanted to create a servlet filter which (under
> certain conditions), would force the current request to be
> authenticated as user "someuser", how would I do that ?
>
> I s'pose it would too much to ask that it would just be
>
> request.setRemoteUser("someuser");
As long as you only want to "trick" some filter or servlet
further-down from your own, you can install a filter that:
1. Wraps the request with an HttpServletRequestWrapper which...
2. overrides getRemoteUser() to return whatever you want it to return.
If you have to pull the wool over the eyes of a Valve, you'll have to
write a Valve and install it at a suitably-early in the pipeline.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEAREIAAYFAlElbh8ACgkQ9CaO5/Lv0PDqmwCfdLmo0UbKuC9GUG2qqd0Iy0Cb
0CUAn1CAyo3t6X4W7O6S4z5Q68dKXiRY
=6Nz9
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
