× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. WDSCI-L
  3. June 2005

RE: Getting username in webfacing

I would think if you could determine the name of the bean webfacing is using
and the exact filed name you could add it to your jsp and then do 

<jsp:useBean id="webfacebean" class="packageName" scope="session" />

<%
String user = webfacebean.getUsername();
%>
Or 
<%
String user = request.getParameter("username"); 
%>

Either way you need to know the exact field name.

The version of was can make a difference. Single signon can also be solved
by the ldap server.

Hope this helps 

-----Original Message-----
From: Mark Phippard [mailto:MarkP@xxxxxxxxxxxxxxx] 
Sent: Thursday, June 23, 2005 11:25 AM
To: Websphere Development Studio Client for iSeries
Subject: Re: [WDSCI-L] Getting username in webfacing

wdsci-l-bounces@xxxxxxxxxxxx wrote on 06/23/2005 10:51:08 AM:

> I'm triyng to limit access to a WebFaced application based on username 
> and ip address, how can I get the username in JSP?
> 
> If anybody can help me it would be great.

I do not know what WebFacing offers in this area, but ideally you solve this
problem at the Apache or WebSphere level.  Force the login at that level,
and let it protect your application as you desire.  This has the added
advantage of letting you implement an Single Sign-On solution someday. 

In this scenario the user tries to access a URL.  If necessary, Apache or
WAS will challenge the user for their ID and password.  It will then permit
or deny access according to your rules.  Only when they are allowed, do they
now hit your WebFacing code.  Ideally, WebFacing apps have the ability to
pick up the identity of the user from the login they provided to Apache or
WAS so that they do not have to login again. 

Besides the easy security benefits, the user can move from app to app on
your server without logging in again.  The browser and Apache/WAS will
handle all of that negotiation.  Also, if you implement SSO, they might not
need to login at all.  Their client login will provide their credentials to
Apache/WAS.

Mark


____________________________________________________________________________
_
Scanned for SoftLanding Systems, Inc. by IBM Email Security Management
Services powered by MessageLabs. 
____________________________________________________________________________
_
--
This is the Websphere Development Studio Client for iSeries  (WDSCI-L)
mailing list To post a message email: WDSCI-L@xxxxxxxxxxxx To subscribe,
unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/wdsci-l
or email: WDSCI-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives at
http://archive.midrange.com/wdsci-l.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.