I have a web application that is secured with standard JEE security. Then as part of the application logic I'd like to invoke a REST endpoint and it needs to be invoked with credentials of the user who is logged in to the web application. Question is if there is a way to obtain user name and password or is there any way to add Authorization header (for basic authentication) when invoking rest endpoint?
thanks in advance
If you have a control over REST endpoint security settings, you could use some sort of SSO instead of obtaining user name and password. It's quite simple to obtain user name via java.security.Principal interface. As for password - it's possible to intercept it via custom login module.