3

I'm running Tomcat 7 on Windows 7. All clients are running Windows 7 too .

I'm trying to print the client username on a test.jsp page so I use Waffle . Here is the WEB-INF/web.xml 

 <filter>
  <filter-name>SecurityFilter</filter-name>
  <filter-class>waffle.servlet.NegotiateSecurityFilter</filter-class>
  <init-param>
    <param-name>impersonate</param-name>
    <param-value>true</param-value>
  </init-param>
</filter>

Here is my test.jsp 

<% 
    String userId = Secur32Util.getUserNameEx(Secur32.EXTENDED_NAME_FORMAT.NameSamCompatible); 
    out.println(userId); 
%>

However it always prints the server computer username . I tried it on many client machines, and it always printed the server but not the client userid

Why? How to correct this?

john
  • 647
  • 5
  • 23
  • 53

2 Answers2

3

First, put waffle-api.jar on your project classpath. then put this xml code on your web.xml.

<filter>
    <filter-name>SecurityFilter</filter-name>
    <filter-class>waffle.servlet.NegotiateSecurityFilter</filter-class>
    <init-param>
        <param-name>principalFormat</param-name>
        <param-value>fqn</param-value>
    </init-param>
    <init-param>
        <param-name>roleFormat</param-name>
        <param-value>both</param-value>
    </init-param>
    <init-param>
        <param-name>allowGuestLogin</param-name>
        <param-value>true</param-value>
    </init-param>
    <init-param>
        <param-name>securityFilterProviders</param-name>
        <param-value>
        waffle.servlet.spi.NegotiateSecurityFilterProvider
        waffle.servlet.spi.BasicSecurityFilterProvider
    </param-value>
    </init-param>
    <init-param>
        <param-name>waffle.servlet.spi.NegotiateSecurityFilterProvider/protocols</param-name>
        <param-value>
        Negotiate
        NTLM
    </param-value>
    </init-param>
    <init-param>
        <param-name>waffle.servlet.spi.BasicSecurityFilterProvider/realm</param-name>
        <param-value>WaffleFilterDemo</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>SecurityFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

and use below code to get your clients username ;

HttpServletRequest request = (HttpServletRequest)Executions.getCurrent().getNativeRequest();
String user = request.getRemoteUser();

for more detail you can visit :

https://github.com/dblock/waffle

Credit Goes to klepon

Resource Link:

  1. http://forum.zkoss.org/question/96532/get-clients-username/
  2. https://stackoverflow.com/a/5891022/2293534
Community
  • 1
  • 1
SkyWalker
  • 28,384
  • 14
  • 74
  • 132
  • Thank you very much. I was aware of the `getRemoteUser()` method. However, it requires the client to authenticate with userid and password. Maybe I should restate my question. I need to get the client userid without the client having to go through authentication. However, the `getRemoteUser()` triggers a pop-up with userid and password form – john Oct 31 '16 at 19:50
  • This pop-up window defeats the purpose. The user types in the userid so that it could be printed on the page. I don't even need waffle for this – john Oct 31 '16 at 19:56
  • 1
    you have to use ntlm protocol in order to use waffle without entering credentials. it works for me. – Master Azazel Nov 22 '16 at 14:45
  • @john Did you got any solution for this? – Karthick Anbazhagan May 08 '19 at 09:21
1

The magic is: $pageContext.request.remoteUser

Michael-O
  • 18,123
  • 6
  • 55
  • 121
  • Thank you. However this method triggers a pop-up window that requires a client to type in the userid and password. This defeats the purpose. I don't even need waffle. I could simply ask the user to type in a userid in a text field. I want to get the userid without the client having to go though any extra steps – john Oct 31 '16 at 19:58
  • @john If so either Waffle is broken or you are doing something wrong. – Michael-O Oct 31 '16 at 20:01
  • It works fine with Internet Explorer only. Chrome and Firefox display pop-up authentication windows. – john Oct 31 '16 at 20:12
  • @john as I have told, you are doing something wrong. You have to tell Firefox to perform SPNEGO auth and it will do what you need. Modify `network.negotiate-auth.trusted-uris` and `network.negotiate-auth.delegation-uris` and it will work. – Michael-O Oct 31 '16 at 20:20