Thanks for the reply but I don't follow.
1) is it valid to embed an ENVvariable into a URL to be sent to a web server? What is the syntax?
2) this would just be a decoded string (parameter) on the server side
Maybe lets start with describing what are you trying to do? How are you sending the HTTP request? From where? To where? How does it relate to JBoss AS 7?
Ok. Fair enough.
i Have a fairly simple servlet, un authenticated, running on Jboss.
the URL, I have a couple string parameters, that the servlet uses. So far, so good.
the clients are Windows machines, and I would like that the USERNAME environment variable be part of the URL so that the servlet knows the user name of the logged on user (OS) sending the request.
i Don't know if this is even allowed. If it is I can't figure out what the syntax of the URL string would be. I tried a few things.
What you are talking about would be for the web browser to be resolving the environment variable, which in turn means any malicious site the user connected to would be able to construct URLs to discover what it wants to know about the client machine.
"so that the servlet knows the user name of the logged on user (OS)"
Even if it was possible to resolve the variable the servlet would never know the user name of the logged in user, all it would ever know is the username contained within the URL.
You may be better with enabling Kerberos authentication so the username can be sent over properly as part of the authentication process.
+1 Darran is right, of couse anyone could spoof the username.