Getting a value from HttpServletRequest.getRemoteUser() in Tomcat without modifying application
(Using Java 6 and Tomcat 6.)
Is there a way for me to get HttpServletRequest.getRemoteUser() to return a value in my development environment (i.e. local
-
Here is a proof of concept
Valveimplementation which does it:import java.io.IOException; import java.security.Principal; import java.util.ArrayList; import java.util.List; import javax.servlet.ServletException; import org.apache.catalina.connector.Request; import org.apache.catalina.connector.Response; import org.apache.catalina.realm.GenericPrincipal; import org.apache.catalina.valves.ValveBase; public class RemoteUserValve extends ValveBase { public RemoteUserValve() { } @Override public void invoke(final Request request, final Response response) throws IOException, ServletException { final String username = "myUser"; final String credentials = "credentials"; final List<String> roles = new ArrayList<String>(); // Tomcat 7 version final Principal principal = new GenericPrincipal(username, credentials, roles); // Tomcat 6 version: // final Principal principal = new GenericPrincipal(null, // username, credentials, roles); request.setUserPrincipal(principal); getNext().invoke(request, response); } }(Tested with Tomcat 7.0.21.)
Compile it, put it inside a jar and copy the jar to the
apache-tomcat-7.0.21/libfolder. You need to modify theserver.xml:<Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true"> <Valve className="remoteuservalve.RemoteUserValve" /> ...I suppose it works inside the
EngineandContextcontainers too.More information:
- The Valve Component
- Valve javadoc
讨论(0) -
Use a local, file-based realm for testing. Check your
conf/tomcat-users.xmland create roles and users for your application and enable the security constraints in your web.xml. There are good examples in thetomcat-users.xml.讨论(0)
加载中...
- 热议问题