How to set header in JSP

I have to set a value in the http header and I know how to do this in a servlet but I'm not sure how to do so in a JSP.   I am basically trying to implement Single Sign On within a product called Vignette.  I control what is passed to the Vignette proxy server (TAS) URL.  I have attached the TAS class that handles authentication into Vignette.  It is called HttpUserNameCallback.  Save the file as .java   Please just refer to the  getUserName() method in this class as it is called first.  I tried to post the variable sm_user within a form post in JSP (below).    This does not work.  I've been instructed that sm_user must be present in the HTTP REQUEST HEADER.    I'm not sure how to do so.  My JSP code is below.   Please help!!! I've been at this for 3 1/2 weeks and I'm finally at the end but need to cross the line here.
<form name="postform" method="post" action="http://q4csp1m3.tdc.cingular.net:8001/AppConsole/">
 
<input type="hidden" value="<%=attVal%>" name="sm_user" />
	<SCRIPT type="text/javascript">
	document.postform.submit();
</SCRIPT>

Open in new window

HttpUserNameCallback.txt
cmlane08Asked:
Who is Participating?
 
cmlane08Connect With a Mentor Author Commented:
The following reference is essentially what I'm attempting to do:

http://www.coderanch.com/t/366278/Servlets/java/Adding-customized-header-HTTP-request

0
 
Murali MurugesanFull stack Java developerCommented:
0
 
cmlane08Author Commented:
thanks for the response.   I am checking now.
0
Cloud Class® Course: Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

 
cmlane08Author Commented:
I'm not sure how this example is helpful.  I understand what TAS (which interfaces with SiteMinder) is doing in the getUserName method.   My question is how to set a header name of "SM_USER" in the HTTP  REQUEST.     I would like to do so from my JSP but if this isn't possible, I need guidance on how to accomplish this in a Java Servlet that I can call from my JSP.    

I think I can use the response.setHeader("name", "value")

but I'm not sure if this will work.    I'm basically trying to simulate what SiteMinder would do if it was sending a request to TAS (Trusted Authentication Service) but again, I need to do so from a JSP page or a servlet.   My JSP is basically reading a cookie that was set by our SSO (Single Sign On) service.
0
 
Murali MurugesanFull stack Java developerCommented:
as far as i am concerned you cannot use "sm_user" header in HttpRequest. sm_user is a predefined header attribute in Siteminder request object and has nothing to do with HttpRequest headers.

You need to achieve this in alternate way like Webservice call....

-Murali*
0
 
cmlane08Author Commented:
I can call it anything I want.   It doesn't have to be "sm_user".   I was just doing this so I wouldn't have to write a new class that extends the current HttpUserNameCallback class and looks for my attribute name instead of "sm_user".   I can do this however.   It's no big deal.    

The question is whether or not it's possible to set a custom header in a JSP and then forward the Request object to a different page or URL.   I know that the HttpUserNameCallback class will be called when the TAS URL request is made and it's currently looking for a username value (below).   What can I do if I need to send the userName value in a header to the TAS URL?

 public String getUserName(HttpServletRequest request)
        throws RemoteDataException
    {
        if(useIdentifier)
        {
            String identifierHeaderCheck = request.getHeader(identifierHeaderName);
            if(identifierHeaderCheck != null && identifierHeaderCheck.equals(identifierHeaderValue))
                LOG.debug("Identifier passed security check");
            else
                throw new RemoteDataException("user_not_authenticated_error_label", "The user cannot be authenticated");
        }
        String userName = request.getHeader(userNameHeader);
        if(userName == null)
            userName = request.getRemoteUser();
        LOG.debug("Getting " + userName + " from the request");
        return userName;
    }
0
 
cmlane08Author Commented:
0
 
Murali MurugesanFull stack Java developerCommented:
You cannot add attributes to  the HTTP headers in jsp or servlets. But filters could help to override it.

See this http://www.theserverside.com/discussions/thread.tss?thread_id=41118
0
 
cmlane08Author Commented:
So let me ensure I understand, within my JSP, I will still retrieve the cookie value I need but I will make a call to a filter class that will allow me to set a custom HTTP Header and then redirect to the TAS URL.  How will I obtain this value?

Please understand the flow.   Our SSO application will only redirect to a JSP page after authenticating a user and setting a cookie.  It will not pass anything or create a header.  It is up to me within the JSP to obtain the value I need from the cookie and then redirect to the TAS URL with the necessary variable in the HTTP REQUEST HEADER.  Since you're saying I can't do this directly within the JSP, it sounds like I need to create a filter class that is called from my JSP and within this class, I need to set a header and then redirect to the TAS URL.  

Does this sound correct?  
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.