7 Replies Latest reply on Apr 21, 2004 11:32 AM by erik777

    Getting login name in a jsp

    lords_diakonos
    lords_diakonos Apr 20, 2004 5:10 PM

      I am using the below code in web.xml

      <security-constraint>
 <web-resource-collection>
 <web-resource-name>*</web-resource-name>
 <url-pattern>/*</url-pattern>
 </web-resource-collection>
 <auth-constraint>
 <role-name>*</role-name>
 </auth-constraint>
 <user-data-constraint>
 <transport-guarantee>NONE</transport-guarantee>
 </user-data-constraint>
 </security-constraint>
 <login-config>
 <auth-method>FORM</auth-method>
 <form-login-config>
 <form-login-page>/login.jsp</form-login-page>
 <form-error-page>/loginerror.html</form-error-page>
 </form-login-config>
 </login-config>


      My page logs in fine and goes to index.jsp. My question is in the jsp page how do I get the username? I can do it with a servlet but am unsure about the jsp page. Thank you in advance for any help.

      • 7526 Views
      • Tags:
        • 1. Re: Getting login name in a jsp
          erik777
          erik777 Apr 20, 2004 10:17 PM (in response to lords_diakonos)

          A JSP page is a servlet, so you can do everything you can do with a servlet.

          The JSP page gives you objects that you would normally either receive or derive from servlet parameters: application, session, request and response. Although you could derive the application and session from the request object, JSPs save you the effort.

          Based on other posts, request.getUserPrincipal() returns the user name.

          http://java.sun.com/j2ee/1.4/docs/api/javax/servlet/http/HttpServletRequest.html#getUserPrincipal()

            • Actions
          • 2. Re: Getting login name in a jsp
            lords_diakonos
            lords_diakonos Apr 21, 2004 7:59 AM (in response to lords_diakonos)

            OK I did get it working here is the code I used. I would like to know if there is a better way I can do this. I am trying to get the user name which I will be using to pull personalized data from a database which is the reason I need the username. I am trying to do the site mainly in jsp but I am somewhat new to j2ee stuff and would welcome any feedback one could give me about a better way.

            <%@ taglib uri="http://java.sun.com/jstl/core" prefix="c" %>
<%@ taglib uri="http://java.sun.com/jstl/sql" prefix="sql" %>
<%@ taglib uri="http://java.sun.com/jstl/xml" prefix="x" %>
<%@ page import="javax.servlet.http.HttpServlet" %>
<%@ page import="java.security.Principal" %>
<%@ page import="javax.servlet.http.HttpServletResponse" %>
<%@ page import="javax.servlet.http.HttpServletRequest" %>

<html>
<head>
<title>
index
</title>
</head>
<jsp:useBean id="indexBeanId" scope="session" class="nnet.IndexBean" />
<jsp:setProperty name="indexBeanId" property="*" />
<body bgcolor="#008000">



Welcome <%= getName(request) %>
<form method="post">
<br>Enter new value : <input name="sample"><br>
<br><br>
<input type="submit" name="Submit" value="Submit">
<input type="reset" value="Reset">
<br>
Value of Bean property is :<jsp:getProperty name="indexBeanId" property="sample" />
</form>
</body>
</html>
<%!
private String getName(HttpServletRequest request) {
 Principal user = request.getUserPrincipal();
 String name = user.getName();
 return name;
}
%>


              • Actions
            • 3. Re: Getting login name in a jsp
              erik777
              erik777 Apr 21, 2004 8:29 AM (in response to lords_diakonos)

              IMHO, using JoshuaBranch AS is a better way. :) But, that's just my humble opinion.

              One note about your code, request.getUserPrincipal() can return null. You might want to use something like this:

              <%!
private String getName(HttpServletRequest request) {
 Principal user = request.getUserPrincipal();
 if (user != null)
 return user.getName();

 return ""; // or return null
}
%>


                • Actions
              • 4. Re: Getting login name in a jsp
                lords_diakonos
                lords_diakonos Apr 21, 2004 8:41 AM (in response to lords_diakonos)

                A user should never be on the page without being loged in. See web.xml code in earlier posting.

                <web-resource-collection>
 <web-resource-name>*</web-resource-name>
 <url-pattern>/*</url-pattern>
 </web-resource-collection>
                I am using the browseLDAPmodule because I am connecting to AD. I guess what I am asking is is their a better way useing jsp to do what I am doing from a syntax ro coding standpoint then what I did. Thank you again for any help.

                  • Actions
                • 5. Re: Getting login name in a jsp
                  spiritualmechanic Apr 21, 2004 10:22 AM (in response to lords_diakonos)

                  It looks fine. If things were more complicated, you'd want to put it in a piece of Java code and let the JSP call the Java code.

                    • Actions
                  • 6. Re: Getting login name in a jsp
                    lords_diakonos
                    lords_diakonos Apr 21, 2004 11:06 AM (in response to lords_diakonos)

                    Being new to j2ee could you explain that to me? Do you mean to make a seperate jsp page and use that as a controller? How exactly can I do that here?

                      • Actions
                    • 7. Re: Getting login name in a jsp
                      erik777
                      erik777 Apr 21, 2004 11:32 AM (in response to lords_diakonos)

                      There are a lot of architectural issues with web development. You can use Struts to create an Model 2 architecture, where your business logic is separate from your presentation.

                      I personally find Struts to be overkill if you are the only developer, though. One of it's strong points is to help people create JSPs that have little experience in programming. Thus, it's ideal for a large team environment where at least one person will specialize in presentation of content.

                      Regardless, with or without Struts, you probably want to put most of your code in plain old Java objects (POJOs). If you use Struts, your actions will simply invoke them. If you use JSP pages primarily, then your JSP pages will invoke them

                      What I do is create a main class for interfacing with the application. Since I use JoshuaBranch AS (JBAS), this class is a subclass of the main JBAS web class. I usually pass either the session or request object to it on instantiation, and even cache instances with those levels. This gives these objects complete access to the container, while also permitting object caching for high performance and cross-JSP data sharing. Thus, a JSP page will obtain a request instance with a syntax like this:

                      MyAppWeb myApp = MyAppWeb.getInstance(request);

                      All JSP pages that call this obtain the same instance for a single request. Moreover, this object can not derive the application and session objects.

                      Since this object is tied to the request object, it can easily call the getUserPrincipal() method, and other context sensitive logic.

                      In cases where I want a JSP page to have an isolated instance, I calll the constructor. I do this when I want it to bind to a form interface:

                      MyAppWeb myApp = new MyAppWeb(request, customerForm);

                      Either way, you really want to get your logic into Java classes that can be called from anywhere.

                      If I create other supporting classes, I let the main class instantiate them. This permits lazy instantiation and permits this main class to have access to all functionality. Thus, if a JSP page absolutely needs an instance to another class, it can do something like:

                      LoginHelper loginHelper = myApp.getLoginHelper();

                      The getLoginHelper() method will use lazy instantiation to construct and store the object inside itself.

                      You can easily get a half dozen opinions on the best way to do things. I like to reinvent for my needs, rather than follow the status quo. I consider the pros and cons of the status quo, and compare them to my needs, taking the best of the best. Then I reinvent.

                      The techniques I use are highly portable to a Struts environment if I should choose to use it later. Today, however, I don't want the third-party dependency since users of JBAS could use a different version of Struts.

                      There's also the world of JSP tags. However, their benefits are similar to Struts. They are ideal for people who create content in JSP pages that aren't proficient programmers. They permit them to use an HTML-like syntax instead of embedding Java code.

                      Is it possible that your project can evolve to include a large team? Will it involve content creators that are not necessarily conducive to Java coding? Do you intend to have different presentation target platforms, such as WML in addition to HTML? These are the questions you have to ask, as they weigh in heavily on which architecture is best for you.

                      Regardless, I think you'll find putting your non-presentation logic, which includes handling requests and session state, in your Java classes, separate from JSP pages, to be beneficial. Think in terms of minimizing coding in your JSP pages. Let your JSP pages focus on presentation, and let your Java classes focus on business and data process processing.

                        • Actions