Im using a FORM based authentication. Im not sure, but I think to remember that I once had the possibility to see all the user stuff (password, roles, database password, database user, etc.) but I dont know where ;-).
Im using the password of the authentification to encrypt and decrypt some data to a database user specific (each users own data has the users password). To get to the password must be possibly, not? -------- Original-Nachricht -------- Datum: Wed, 2 May 2007 20:46:40 +0200 Von: "Johnny Kewl" <[EMAIL PROTECTED]> An: "Tomcat Users List" <users@tomcat.apache.org> Betreff: Re: User-password from the HttpServletRequest > I've never seen a function that will do that... think its a security > thing. > I think you have to get the user name, and then Parse the User file > yourself, or read the database yourself... whatever realm you using. > > If its BASIC authorization you using you could just decode the > authorization > header, but the only reason that works is because its a weak form of > protection... if the admin guy switched to DIGEST... that method will > break. > > I've just about finished an alternative SSO authorization system for > Tomcat, > thus my interest in your question... I'd be reluctant to expose passwords > in > the API, however there may be a terrific reason for it... would you mind > telling me why you want to do this? > > ----- Original Message ----- > From: <[EMAIL PROTECTED]> > To: <users@tomcat.apache.org> > Sent: Wednesday, May 02, 2007 6:56 PM > Subject: User-password from the HttpServletRequest > > > > Hi > > > > How can I get the password from the logged in user via the > > HttpServletRequest in general? (I need the password in a servlet filter > to > > do some stuff) > > > > And there some web server independent solution? > > > > Thanks in advance and greets > > Sam > > -- > > "Feel free" - 10 GB Mailbox, 100 FreeSMS/Monat ... > > Jetzt GMX TopMail testen: http://www.gmx.net/de/go/topmail > > > > --------------------------------------------------------------------- > > To start a new topic, e-mail: users@tomcat.apache.org > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] -- "Feel free" - 10 GB Mailbox, 100 FreeSMS/Monat ... Jetzt GMX TopMail testen: http://www.gmx.net/de/go/topmail --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
