user517491
Reputation:
Sharing user role between tomcat and web-app
How can I programmatically know, in my web app, the username and password or user role of the user who is currently logged into tomcat on which the app is deployed?
Upvotes: 1
Views: 360
Answers (1)
BalusC
Reputation: 1109292
This information is available by HttpServletRequest and inherently thus also ExternalContext.
The following methods are available:
String username = externalContext.getRemoteUser();
UserPrincipal principal = externalContext.getUserPrincipal();
boolean admin = externalContext.isUserInRole("ADMIN");
You cannot get the password in any way for security reasons.
Note that the HttpServletRequest is available as #{request} in EL. So the following should also be possible:
<p>Welcome, #{request.remoteUser}</p>
<h:panelGroup id="adminPanel" rendered="#{request.isUserInRole('ADMIN')}">
...
</h:panelGroup>
Upvotes: 4
Related Questions
- Tomcat security constraint for valid user
- Run different web apps as different users in Tomcat
- 401 unauthorized when login to manage my app
- How to setup Tomcat web.xml and context.xml for 2 different (user and admin) authentication
- j_security_check on tomcat with 2 user roles
- Programmatically assigning security role to user on login in JSF website
- Single user for whole application?
- How to maintain users of Tomcat basic authentication?
- shared security between websphere and tomcat
- JSF 2 - page access depending on user role