Link to home
Create AccountLog in
Avatar of fylix0000
fylix0000

asked on

How does JDBCRealm get the "username" parameter from user input?

Hi I have this question that puzzle me ...

You can go to http://www.koders.com/java/fid123DEE396363A73FCDDEF9AFBC4174048F3EEBA4.aspx to see a typical code for JDBCRealm.java

I am using Tomcat log in form with user name password and when click submit, apparently the action J_security_check is called.  Then JDBCRealm took over the authentication.


I know how JDBCRealm go in and check the user name and password from the database.


Now, my question is how does JDBCRealm "read in" the input user name  variable that coming from the user in order to compare withe the user name in the database for authentication?

Since I look at the code , they just call a method like authentication (String username, String password) kind of thing.  Is there some back ground process that J_security_check does to pass on these parameter to JDBCRealm?

Avatar of DeanHorak
DeanHorak

>>how does JDBCRealm "read in" the input user name  variable that coming from the user in order to compare withe the user name in the database for authentication?

The login form must contain fields for entering username and password. These fields must be named j_username and j_password, respectively. This form should post these values to j_security_check logical name.

>>Is there some back ground process that J_security_check does to pass on these parameter to JDBCRealm?

The whole process is described in the following link http://www.onjava.com/pub/a/onjava/2002/06/12/form.html
Avatar of fylix0000

ASKER

Thanks Dean,

the site is a good information but some how I still not sure the machanism of how the username/password parameter is passed onto the JDBCRealm.java for authentication.  What I am interested in is how JDBCRealm maps j_username into the "username" variable that is used by the program to authenticate against the database's username.


The reason I want to know this because instead of using user input, I am attempting to get JDBCRealm to read the window domain user name.

I have setup the NT side so that I can get the NT user name if I do : request.getRemoteUser()  ,  but I cant seem to get JDBCRealm to read in that user name.
Avatar of Mayank S
It might not be a good idea to get the Windows domain user-name because the user might be using a local ID (and not a network ID) to log on to the application and if he is using a proxy to connect to the server, it will be another problem.
ASKER CERTIFIED SOLUTION
Avatar of Acton Wang
Acton Wang
Flag of United States of America image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer