Geek Answers Handbook

Getting value from HttpServletRequest.getRemoteUser () in Tomcat without changing application

(Using Java 6 and Tomcat 6.)

Is there a way to get HttpServletRequest.getRemoteUser() to return a value in my development environment (e.g. localhost) without having to modify the web.xml application file?

I ask that the authentication implementation when deploying the application in a remote environment is handled by the web server and the connected tool. Having started locally, I obviously do not have a connected tool or a separate web server; I just have Tomcat 6. I'm trying not to add code to my application, just to support development on my localhost.

I hope there is a modification that I can make to the context.xml or server.xml files that will allow me to set the remote user ID or try to get it out of the HTTP header or something like that.

+7
java tomcat basic-authentication
source share
2 answers

Here is a proof of the implementation of Valve concept that does this:

 import java.io.IOException; import java.security.Principal; import java.util.ArrayList; import java.util.List; import javax.servlet.ServletException; import org.apache.catalina.connector.Request; import org.apache.catalina.connector.Response; import org.apache.catalina.realm.GenericPrincipal; import org.apache.catalina.valves.ValveBase; public class RemoteUserValve extends ValveBase { public RemoteUserValve() { } @Override public void invoke(final Request request, final Response response) throws IOException, ServletException { final String username = "myUser"; final String credentials = "credentials"; final List<String> roles = new ArrayList<String>(); // Tomcat 7 version final Principal principal = new GenericPrincipal(username, credentials, roles); // Tomcat 6 version: // final Principal principal = new GenericPrincipal(null, // username, credentials, roles); request.setUserPrincipal(principal); getNext().invoke(request, response); } }

(Tested with Tomcat 7.0.21.)

Compile it, put it in the jar and copy the jar to the apache-tomcat-7.0.21/lib folder. You need to change server.xml :

 <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true"> <Valve className="remoteuservalve.RemoteUserValve" /> ...

I believe that it works inside the Engine and Context containers.

Additional Information:

+7
source

Use a local, file-based area for testing. Check conf/tomcat-users.xml and create roles and users for your application and enable security restrictions in your web.xml. There are good examples in tomcat-users.xml .

+1
source

More articles:


All Articles