1 Reply Latest reply on Jul 14, 2010 8:33 AM by brunoskrebs.bruno.krebseng.com.br

getRemoteUser() in Filter

brunoskrebs.bruno.krebseng.com.br Jul 13, 2010 5:20 PM

Hello there,

I'm trying to get the Remote User from HttpServletRequest from within a Filter that I pluged in my Seam Web Application, but is always returning null. Does anyone know why?

I'm able to get it from anywhere else (e.g authentication method and actions) but not from a Filter. I have tried to put the Filter in every level in the Filter hierarchy but nothing...

This is how I get from the authentication method:

HttpServletRequest req = ServletContexts.instance().getRequest();
System.out.println("IDENTITY MANAGER: " + req.getRemoteUser());

And since there is no ServletContexts available in the filter I try to get it from there like this:

IdentityRequestWrapper id = new IdentityRequestWrapper((HttpServletRequest)arg0);
System.out.println(id.getUserPrincipal());

I already tried it like:

HttpServletRequest id = (HttpServletRequest)arg0;
System.out.println(id.getUserPrincipal());

which as per my understand is the same. But not a chance.

Does anyone knows how I can manage to do that?

Thanks in advance,
Bruno Krebs.

1. Re: getRemoteUser() in Filter

brunoskrebs.bruno.krebseng.com.br Jul 14, 2010 8:33 AM (in response to brunoskrebs.bruno.krebseng.com.br)

Ok, I think I managed to do what I want, so just for record I'm posting it for further reference...

@Startup
@Scope(ScopeType.APPLICATION)
@Name("br.com.dbccompany.fiergs.controller.OSSOFilter")
@BypassInterceptors
@Filter(within="org.jboss.seam.web.multipartFilter")
public class OSSOFilter extends AbstractFilter {

     public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
          HttpSession session = ((HttpServletRequest) request).getSession(false);
          if (session != null) {
               Object attribute = session.getAttribute("org.jboss.seam.security.identity");
               if (attribute instanceof Identity) {
                    Identity identity = (Identity) attribute;
                    System.out.println("+++++++++++++++++++++++++++++++++++++++++++++");
                    System.out.println(identity.getCredentials().getUsername());
               }
          }
          chain.doFilter(request, response);
     }

}

So as you can see I try to take a session from the user and then the user credentials (which is supposed to be the same from req.getRemoteUser()). Then I'm able to manipulate it as I want.