I've a Java servlet class which is accessing a NetApp folder for files. The class is running on Tomcat 6.0 on Windows 2003 and uses Active Directory authentication (LDAP) to authenticate the webapp users.
Tomcat (and thus also the webapp with the Java servlet classes) itself is running with account xyz, which is a service account. The NetApp folder has various permissions set on some groups.
Right now I check if the webapp user is part of the groups by issuing the AD query:
"cmd.exe /C dsquery user -samid <username> | dsget user -memberof -expand | grep -f <filename containing groups>"
This is a bit tedious and error-prone because if somebody adds a new group to the folder in NetApp, the above command will fail unless I update the groups file. So, is there any way to impersonate the accessing userid in Java and get the file directly from NetApp and bypass the above AD check?
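
Added example, not part of the original post: a hardened form of the group check described above, which passes the username as a validated argument instead of interpolating it into a `cmd.exe /C` string, and compares whole group DNs instead of relying on `grep -f` pattern matching (a groups file holding a short name such as `Sales` would also match `Sales-Contractors`). The class name `GroupCheck`, the username pattern, and the `example.com` DNs are assumptions made for illustration.

```java
import java.util.*;
import java.util.regex.Pattern;

public class GroupCheck {
    // Assumption: account names at this site use only these characters.
    // Rejecting everything else keeps shell metacharacters and the dsquery
    // wildcard '*' out of the command.
    private static final Pattern SAM = Pattern.compile("[A-Za-z0-9._-]{1,20}");

    /** Argument vector for ProcessBuilder: dsquery.exe is started directly, not via cmd.exe /C. */
    static List<String> dsqueryArgs(String username) {
        if (username == null || !SAM.matcher(username).matches()) {
            throw new IllegalArgumentException("rejected username");
        }
        return Arrays.asList("dsquery", "user", "-samid", username);
    }

    /** Parses `dsget user -memberof -expand` output: one quoted DN per line. */
    static Set<String> parseGroups(List<String> lines) {
        Set<String> groups = new HashSet<String>();
        for (String line : lines) {
            String dn = line.trim();
            if (dn.length() >= 2 && dn.startsWith("\"") && dn.endsWith("\"")) {
                dn = dn.substring(1, dn.length() - 1);
            }
            if (!dn.isEmpty()) groups.add(dn.toLowerCase(Locale.ROOT));
        }
        return groups;
    }

    /** True only when a complete DN matches (case-insensitive); substrings do not count. */
    static boolean isMember(Set<String> userGroups, Collection<String> allowedDns) {
        for (String dn : allowedDns) {
            if (userGroups.contains(dn.trim().toLowerCase(Locale.ROOT))) return true;
        }
        return false;
    }

    public static void main(String[] args) {
        // Constructed sample data: dsget output for one user, and permitted group DNs.
        List<String> dsgetOut = Arrays.asList(
            "\"CN=Sales-Contractors,OU=Groups,DC=example,DC=com\"",
            "\"CN=Domain Users,CN=Users,DC=example,DC=com\"");
        Set<String> groups = parseGroups(dsgetOut);
        System.out.println(dsqueryArgs("jdoe"));
        System.out.println(isMember(groups, Arrays.asList("CN=Sales,OU=Groups,DC=example,DC=com")));
        System.out.println(isMember(groups, Arrays.asList("cn=domain users,cn=users,dc=example,dc=com")));
    }
}
```

The DN returned by `dsquery` can then be passed as an argument to a second `ProcessBuilder` call for `dsget user <DN> -memberof -expand`, so no pipe or shell is needed.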