Get security information
package com.ack.web.servlet;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class GetSecurityInformation extends HttpServlet {
public void doGet( HttpServletRequest req, HttpServletResponse res )
throws ServletException, IOException {
res.setContentType( "text/html" );
PrintWriter pw = res.getWriter();
/**
* security information made available within servlets
*/
pw.println( "
user principal: " + req.getUserPrincipal().getName() );
pw.println( "
authentication type: " + req.getAuthType() );
pw.println( "
user in footie role: " + req.isUserInRole( "footie" ) );
pw.println( "
are we using HTTPS: " + req.isSecure() );
}
}
/**
* Here is a dump of the web.xml file containing the security
* configuration details.
*
footie_time
com.ack.web.servlet.BasicAuthenticationWebResource
footie_time
/protected/footie/get_time
security_info
com.ack.servlet.GetSecurityInfo
security_info
/protected/footie/info
protected_zone
/protected/footie/*
GET
POST
PUT
DELETE
HEAD
OPTIONS
TRACE
footie
NONE
BASIC
pure genius football club
the footie guys
footie
*/