2 Replies Latest reply: Jun 8, 2011 11:52 PM by DarrylBurke RSS

    Parsing information from a header?

    865485
      Hello all,

      I'm new to the website and was hoping I could get a bit of help with a problem I am having.

      I need to change how a user logs into one of their internal websites. Currently the users are having to physically login by entering their username/password etc. My goal is to have the login system pull that information in the background so that when the user clicks on the website they will essentially be granted access into the page.

      The users are currently required to login to their physical computer in general by means of a CaC card. When a user tries to access the internal website IIS pulls a Cert and gives me a header that basically states that the user is authenticated to log into the website. Within that header there is a unique identification number that is assigned to each user. I need to somehow be able to parse that unique number and have the system use it to login while having that whole process hidden to the user.

      I have tried searching for this online but am having a hard time finding information on exactly what I am trying to do.

      Any help would be appreciated,

      Thanks!
        • 1. Re: Parsing information from a header?
          EJP
          You need to look into:

          1. Container Managed Authentication in servlet containers
          2. Doing that via JAAS.
          3. JAAS itself, specifically the NTLM module (assuming this is Windows?), otherwise the relevant Unix module.

          Your title seems completey irrelevant to me. I suggest you update it to something more appropriate. Single sign-on for example.
          • 2. Re: Parsing information from a header?
            DarrylBurke
            Cross posted
            http://www.java-forums.org/java-servlet/44755-parsing-information-header.html

            And one more that Google cached but has evidently since been removed.
            http://webcache.googleusercontent.com/search?q=cache:EGiy4xSg_QsJ:app.servers-blog.com/+%22Currently+the+users+are+having+to+physically+login%22+by+entering+their+username/password+etc.&cd=3&hl=en&ct=clnk&gl=in&client=opera&source=www.google.co.in

            db