Solved

Servlet getRemoteUser

Posted on 2004-08-25
3
463 Views
Last Modified: 2013-11-24
Currently i have been using this technique where when a user logs into my site which is through a servlet, i call request.getRemoteUser() which returns a string of their ip address.  I then use that IP address to do a lookup in my user table to see when this ip address last logged on and as which user, so that i can set the user to that previous choice. I didnt want to use a cookie.  Anyhow, the problem has started where i have two users behind the same firewall. Both users are showing up with the same IP which looking back on it, now is what i would expect. Is there "any" other value of something i could extract that would give me something unique about that user that i could work with in this situation to tell who they are?

Thanks!
0
Comment
Question by:Hokester
3 Comments
 
LVL 86

Expert Comment

by:CEHJ
ID: 11896992
No ;-)
0
 
LVL 92

Expert Comment

by:objects
ID: 11897931
Not really, and there are other conditions where this will also occur.
Why don't you want to use cookies, again not guaranteed but will improve your coverage.
0
 
LVL 21

Accepted Solution

by:
MogalManic earned 125 total points
ID: 11898130
The J2EE specification already has this functionality built into the Servlet API.  The request.getSession(TRUE) will create the session object automatically.  If cookies are enabled the sessionID will be stored as a cookie on the client.  If the client has cookies turned off, the servlet will use URL rewriting.  

If you can't or do not want to use the Servlet API (for example you don't want to create cookies), then you could implement the session functionality using URL rewriting.   Your servlet code would be something like this:

String sessionID=request.getParameter("UserSessionID");
if (sessionID==null) { //User is using a new session
   response.setRedirect(AppUserSession.encodeURL("/MyApp/loginPage.jsp");
}
else
{
  AppUserSession UserSession=AppUserSession.findUserSession(sessionID);
  //Process logged in user's request
}

The class AppUserSession would look something like this:
public class AppUserSession
{
    /**
      * Rewrite the url to contian the session ID as a parameter
      */
    public static String encodeURL(String url)
    {
         String userID=...// Some code to generate Unique ID (i.e. hash of the user's IP address plus system clock time)
         SessionMap.put(userID, new HashMap());  //Probably should be readonly Map instead
         return url + (url.indexOf("?")>-1 ? "?" : "&")+"UserSessionID="+userID;
    }

   public static Map findUserSession(String sessionID)
   {
      return sessionMap.get(sessionID);
   }
    //...Other functions as necessary
}
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For beginner Java programmers or at least those new to the Eclipse IDE, the following tutorial will show some (four) ways in which you can import your Java projects to your Eclipse workbench. Introduction While learning Java can be done with…
Java had always been an easily readable and understandable language.  Some relatively recent changes in the language seem to be changing this pretty fast, and anyone that had not seen any Java code for the last 5 years will possibly have issues unde…
Video by: Michael
Viewers learn about how to reduce the potential repetitiveness of coding in main by developing methods to perform specific tasks for their program. Additionally, objects are introduced for the purpose of learning how to call methods in Java. Define …
Viewers will learn about basic arrays, how to declare them, and how to use them. Introduction and definition: Declare an array and cover the syntax of declaring them: Initialize every index in the created array: Example/Features of a basic arr…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now