• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

security issue

 
Ernest Lee
Ranch Hand
Posts: 145
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
if i used the <auth-type> tag to protect my files, will the username and password entered by the client avaliable to my code??
i guess the answer is no.... am i right?
 
Tim Duncan
Ranch Hand
Posts: 150
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Best not to guess ...
HttpServletRequest has a method "getRemoteUser()" which returns the user's login name (as a string) if authenticated, and null otherwise.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic