I have a servlet that runs on the J2EE engine, but is accessed directly (without going thru the Enterprise Portal, e.g.: http://myserver:50200/gettingstarted-dec/ProcessInput). I want to be able to identify the user so I can dynamically populate the web page with the appropriate content.
Currently if I try to identify the user by calling "request.getRemoteUser()" or "request.getUserPrincipal().getName()", null is returned. I am assuming that is because the has not authenticated.
<u>Questions</u>:
How do I force the user to authenticate for this specific application?
After the user authenticates, will their user name be returned in either of the calls noted above?
Current set-up
Windows 2003, IIS 6.0, Web AS Java 6.4 SP16, IIS Proxy
I read a blog about setting up using the IIS proxy to authenticate the user, but I read that with SP16 it is no longer supported. I tried it anyway and was unsuccessful at getting a value returned, but it did force the authentication.
Also, I read a blog titled "Windows Integrated Authentication via Kerberos on an LDAP data source" ( /people/wai-hon.lam/blog/2006/04/20/windows-integrated-authentication-via-kerberos-on-an-ldap-data-source ), but it seemed really involved to force authentication and identify the user.