views:

209

answers:

2

Hello!

I'm opening a connection to WebService with an URLConnection class. I also set request property for basic authorization like this:

c.setRequestProperty("Authorization", "Basic " + usernameAndPasswordEncoded);

Where c is an object of type URLConnection. So this is client side of WebService call. Now on server side I need to get username from session:

User user = (User) request.getSession().getAttribute("user");

But this won't get an username. Also if I look through debug mode, I see an anonymous userName in HttpSession object. What to do to solve this problem, so that username is sent through client to WebService server for authorization?

Thanks everyone!

A: 

The servlet specification provides explicit abstractions for that - what you need is request.getRemoteUser()., or perhaps request.getUserPrincipal()

Michael Borgwardt
Both methods are giving me null...
zigomir
@zigomir: then the authorization process isn't working out. See if you can find any hints in the server log.
Michael Borgwardt
+3  A: 

On the server end, you need to specify the login method in web.xml. For example,

<login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>My App</realm-name>
</login-config>

Once you do that, the username should be available using request.getRemoteUser().

ZZ Coder
Tnx. I had that, but I didn't have <security-constraint> defined in web.xml file.
zigomir