kalyandm
asked on
getUserPrincipal query in jsp
Hello
I'm trying to implement single sign on jsp where in the jsp should retrive the details of the user(username & password) logged into the machine.I'm using the jsp code below
the web.xml has security roles configured already
--------------------------
<%@ page language="java" contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1"%
<%@page import="javax.security.aut
<%
Principal userPrincipal = request.getUserPrincipal()
String username=weblogic.security
out.println("Logged in user >>>>> " + " " + username +"<br>");
CallbackHandler handler = new weblogic.security.SimpleCa
Subject mySubject = weblogic.security.services
weblogic.servlet.security.
out.println("Principal " + " " + request.getUserPrincipal()
%>
but when I run this jsp , the principal is displayed as null for the first time and when I refresh the page it comes back with the user principal..can I know how it can retrive it in first place when I access this page..
I would also want to know how I can replace the hardcoded username & password values with something dynamic so it can use them
CallbackHandler handler = new weblogic.security.SimpleCa
thanks
I'm trying to implement single sign on jsp where in the jsp should retrive the details of the user(username & password) logged into the machine.I'm using the jsp code below
the web.xml has security roles configured already
--------------------------
<%@ page language="java" contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1"%
<%@page import="javax.security.aut
<%
Principal userPrincipal = request.getUserPrincipal()
String username=weblogic.security
out.println("Logged in user >>>>> " + " " + username +"<br>");
CallbackHandler handler = new weblogic.security.SimpleCa
Subject mySubject = weblogic.security.services
weblogic.servlet.security.
out.println("Principal " + " " + request.getUserPrincipal()
%>
but when I run this jsp , the principal is displayed as null for the first time and when I refresh the page it comes back with the user principal..can I know how it can retrive it in first place when I access this page..
I would also want to know how I can replace the hardcoded username & password values with something dynamic so it can use them
CallbackHandler handler = new weblogic.security.SimpleCa
thanks
ASKER
Hello
I tried userPrincipal.getName() but the very first time it returns null and subsequently returns the principal correctly.since this is the first jsp page that is accessed I would want to be able to get the username first time itself..please suggest
I tried userPrincipal.getName() but the very first time it returns null and subsequently returns the principal correctly.since this is the first jsp page that is accessed I would want to be able to get the username first time itself..please suggest
If the person is not logged in, then there won't be a username. There's nothing you can do about that.
The username can only be found once the user logs in. Where were you thinking you would get the username if the person is not logged in? Were you thinking it would be in the cookie or in a parameter?
The username can only be found once the user logs in. Where were you thinking you would get the username if the person is not logged in? Were you thinking it would be in the cookie or in a parameter?
ASKER
The user is logged in via the machine and within weblogic the security constraints are configured and a user group created , the sso configuration using kerberos with active directoy is setup.So when user logs into the machine to access the jsp the username should be available I thought ..is it not the case?
thanks
thanks
It is not the case. The servlet container has to know about the login. Don't users have to log in to see your page?
If users do not have to login, then you must have an action which automatically logs them in from the servlet container perspective. Your calls to weblogic.security.services
If users do not have to login, then you must have an action which automatically logs them in from the servlet container perspective. Your calls to weblogic.security.services
ASKER
the users don't have a login page..The idea is that the sso principle where the user logs into the machine should be used to go into the application.
regarding your second question..
yes I do but for the first time it comes back as null and after i refresh the page it comes back with the correct user.I can assure you that the authentication part is fine becoz if I put any user that doesn't exist in the system it comes back with an error which is how it should be.It should take the user I supplied in weblogic.security.services
and then validate it agaianst weblogic configured group..this aprt is working fine ..my doubt is how do I get the username/password that I need to pass onto
weblogic.servlet.security.
thanks
regarding your second question..
yes I do but for the first time it comes back as null and after i refresh the page it comes back with the correct user.I can assure you that the authentication part is fine becoz if I put any user that doesn't exist in the system it comes back with an error which is how it should be.It should take the user I supplied in weblogic.security.services
and then validate it agaianst weblogic configured group..this aprt is working fine ..my doubt is how do I get the username/password that I need to pass onto
weblogic.servlet.security.
thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
it partly answered my query
If you use this line, you'll get the username:
String username = userPrincipal.getName();