Skip to Content
0
Former Member
Nov 28, 2006 at 07:27 PM

Require Authentication and identify the remote_user

23 Views

I have a servlet that runs on the J2EE engine, but is accessed directly (without going thru the Enterprise Portal, e.g.: http://myserver:50200/gettingstarted-dec/ProcessInput). I want to be able to identify the user so I can dynamically populate the web page with the appropriate content.

Currently if I try to identify the user by calling "request.getRemoteUser()" or "request.getUserPrincipal().getName()", null is returned. I am assuming that is because the has not authenticated.

<u>Questions</u>:

How do I force the user to authenticate for this specific application?

After the user authenticates, will their user name be returned in either of the calls noted above?

Current set-up

Windows 2003, IIS 6.0, Web AS Java 6.4 SP16, IIS Proxy

I read a blog about setting up using the IIS proxy to authenticate the user, but I read that with SP16 it is no longer supported. I tried it anyway and was unsuccessful at getting a value returned, but it did force the authentication.

Also, I read a blog titled "Windows Integrated Authentication via Kerberos on an LDAP data source" ( /people/wai-hon.lam/blog/2006/04/20/windows-integrated-authentication-via-kerberos-on-an-ldap-data-source ), but it seemed really involved to force authentication and identify the user.