Dashboard > WebWork > ... > FAQ > How do I get JEE J2EE security info
  WebWork Log In View a printable version of the current page.  
  How do I get JEE J2EE security info
 Browse Space
Added by tm_jee, last edited by tm_jee on Nov 10, 2005  (view change)
Labels: 
(None)

Method A:

HttpServletRequest request = ....   // get HttpServletRequest
request.getAuthType()               // http or https
request.getRemoteUser()             // the user principal (in string)
request.getUserPrincipal()          // get a Principal object
request.isUserInRole(String)

Method B: (Recommended)

  • Not tied to Servlet spec
  • Help in unit testing

Have the action implements PrincipalAware and add 'servlet-config' interceptor to it. a PrincipalProxy object will be set to method setPrincipalProxy(PrincipalProxy). With PrincipalProxy, one could have access to methods such as isUserInRole(), getUserPrincipal(), getRemoteUser(), isRequestSecure() etc.

@see com.opensymphony.webwork.interceptor.PrincipalProxy
@see com.opensymphony.webwork.interceptor.PrincipalAware
@see com.opensymphony.webwork.interceptor.ServletConfigInterceptor
Site powered by a free Open Source Project / Non-profit License (more) of Confluence - the Enterprise wiki.
Learn more or evaluate Confluence for your organisation.
Powered by Atlassian Confluence, the Enterprise Wiki. (Version: 2.2.9 Build:#527 Sep 07, 2006) - Bug/feature request - Contact Administrators