 

HttpServletRequest.getRemoteUser() vs HttpServletRequest.getUserPrincipal().getName()

These two seem to be doing the same things. Can anyone explain the main difference between the two? When would you use one vs the other?

HttpServletRequest.getRemoteUser()

HttpServletRequest.getUserPrincipal().getName()

Dimitry asked Dec 30 '11 15:12




1 Answer

A Principal represents someone who could potentially authenticate with your application. The Principal's name depends on the authentication method used:

  • a username such as "fred" (in the case of HTTP Basic authentication)
  • a Distinguished Name such as "CN=bob,O=myorg" (in the case of X.509 client certificates - in which case an X500Principal may be returned)

getRemoteUser() returns "the login of the user" which, in the case of HTTP Basic authentication, will also be the username; it doesn't map cleanly in the X.509 client certificate case though, since the user doesn't enter a "login" as such - in the example above, we could use the Distinguished Name or simply the CN, "bob".

The Javadocs state that "whether the user name is sent with each subsequent request depends on the browser and type of authentication", suggesting that getRemoteUser() was originally meant to provide data only for requests in which a username was entered. This, however, would result in it returning null for the majority of requests when cookie-based auth is in use - not too helpful!

In reality, getRemoteUser() often just calls getUserPrincipal().getName(); verified in Tomcat 6 and Jetty 6/7.

SimonJ answered Oct 01 '22 03:10
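A null-safe way to obtain the caller's name across the two authentication cases the answer describes, added here as an example and not code from the original answer. The names CallerName, loginOf and commonName are hypothetical; the sketch relies on the Servlet API contract that getUserPrincipal() returns null for an unauthenticated request (so chaining .getName() onto it throws a NullPointerException), and it takes a Principal so that it runs without a servlet container.

```java
import java.security.Principal;
import java.util.List;
import java.util.Optional;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import javax.security.auth.x500.X500Principal;

public class CallerName {

    // Null-safe stand-in for request.getUserPrincipal().getName().
    // In a servlet, call it as loginOf(request.getUserPrincipal()).
    static Optional<String> loginOf(Principal p) {
        if (p == null) {
            return Optional.empty();                 // unauthenticated request
        }
        if (p instanceof X500Principal) {
            // Client-certificate auth: the name is a full DN, not a login.
            return commonName(p.getName()).or(() -> Optional.of(p.getName()));
        }
        return Optional.ofNullable(p.getName());     // e.g. "fred" for HTTP Basic
    }

    // Extracts the CN with a real DN parser, so escaped commas are handled.
    static Optional<String> commonName(String dn) {
        try {
            List<Rdn> rdns = new LdapName(dn).getRdns();
            for (int i = rdns.size() - 1; i >= 0; i--) {   // most specific RDN first
                if ("CN".equalsIgnoreCase(rdns.get(i).getType())) {
                    return Optional.of(String.valueOf(rdns.get(i).getValue()));
                }
            }
        } catch (InvalidNameException e) {
            // Not a parseable DN: report "no CN" and let the caller fall back.
        }
        return Optional.empty();
    }

    public static void main(String[] args) {
        // Constructed sample principals, not taken from a real deployment.
        Principal basic = () -> "fred";
        Principal cert = new X500Principal("CN=bob,O=myorg");
        Principal escaped = new X500Principal("CN=Smith\\, Bob,O=myorg");
        for (Principal p : new Principal[] {null, basic, cert, escaped}) {
            System.out.println(loginOf(p));
        }
    }
}
```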