5

I am using following code to get actual logged in user:

    IWindowsSecurityContext clientContext = WindowsSecurityContextImpl.getCurrent("Negotiate", "localhost");
    WindowsAuthProviderImpl provider = new WindowsAuthProviderImpl();
    IWindowsSecurityContext serverContext = null;

    do {
        if (serverContext != null) {
            byte[] tokenForTheClientOnTheServer = serverContext.getToken();
            SecBufferDesc continueToken = new SecBufferDesc(Sspi.SECBUFFER_TOKEN, tokenForTheClientOnTheServer);
            clientContext.initialize(clientContext.getHandle(), continueToken, "localhost");
        }
        byte[] tokenForTheServerOnTheClient = clientContext.getToken();
        serverContext = provider.acceptSecurityToken("server-connection", tokenForTheServerOnTheClient, "Negotiate");

        System.out.println("SSO-Identity: " + serverContext.getIdentity().getFqn());

    } while (clientContext.getContinue());

    System.out.println("Identity: " + serverContext.getIdentity().getFqn());

It works fine when I start it in Eclipse and returns my username.

When I deploy my Web Application and start it in Tomcat, it returns nt-authority\system. But I need the name of the actual logged in user. (Using Waffle SSO in Tomcat works fine, but I have no possibility to get the name of the user)

Please, anyone an idea?

Edit: The user principal in eclipse is correct, too. When I start in Tomcat it is always null.

PaPaNi
  • 53
  • 5

2 Answers2

1

It gets you the user id that's running the Tomcat service on the server. If you need the user id from the client you should use request.getUserPrincipal().getName());

manojtc
  • 562
  • 3
  • 10
1

If you are trying to use waffle authentication in tomcat, you should be using filters rather than the standalone code. Your code now is good for some standalone applications eg Swing/win forms etc. But over the HTTP, it should be done using filters . Take a look at Using Spring security + tomcat

Karthik
  • 929
  • 2
  • 12
  • 24