• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Jeanne Boyarsky
  • Ron McLeod
Sheriffs:
  • Paul Clapham
  • Liutauras Vilda
  • Devaka Cooray
Saloon Keepers:
  • Tim Holloway
  • Roland Mueller
Bartenders:

Modifying a request using a Servlet Filter

 
Greenhorn
Posts: 22
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,
I am trying to experiment with servlet filters. I have written a simple form based authentication in WSAD 5.0 that posts the j_securitycheck action . I have a scenario where the user is already in session. How do I get the user session information (I want the UserID) so that I can append (modify) it to the request header of a request when I invoke an application that needs the userid. What kind of a servlet filter do I use to modify the request? I believe I need to put a HttpRequestWrapper around the original request and use methods such as getRemoteUser to supply the user from the filter. But I am not sure. Thanks
 
Abid Sami
Greenhorn
Posts: 22
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Specifically I need to get the userId that had been posted from the j_security check action by the form based login (WSAD 5.0). Once I get the username from the session I need to "append" it to the request for an application which is a Servlet. But I am not able to get good examples how to do that especially on request wrappers.(are they any links?) I have got the basic logic down here but can you help me fine tune it.


In the domethod () I suppose I have to do this
RequestDispatcher rd = hrequest.getRequestDispatcher(�HS�); //HS is mapped to handle servlet where I the request need to go

hresponse.setHeader("SAMLAuthenticationMethod", "password");

PrincipalWrapper wrapper = new PrincipalWrapper(hrequest, new PrincipalImpl("user name here");

rd.forward(wrapper, hresponse);



Then I guess I can obtain the authenticated user from REMOTE_USER request header in handle servlet.

I guess I need to import java.security.Principal & sun.security.acl.PrincipalImpl;



/**

* <code>HttpServletRequest</code> wrapper class. Returns a locally specified principal.

*/

private class PrincipalWrapper extends HttpServletRequestWrapper {



private Principal principal;



private PrincipalWrapper(HttpServletRequest request, Principal principal) {

super(request);

this.principal = principal;

}



/**

* @see javax.servlet.http.HttpServletRequest#getRemoteUser()

*/

public String getRemoteUser() {

return principal.getName();

}



/**

* @see javax.servlet.http.HttpServletRequest#getUserPrincipal()

*/

public Principal getUserPrincipal() {

return principal;

}

}
 
I will suppress my every urge. But not this shameless plug:
Smokeless wood heat with a rocket mass heater
https://woodheat.net
reply
    Bookmark Topic Watch Topic
  • New Topic