I see your point.
But could I password-enable the directory where my applet is located,
so that the user has to authenticate to the webserver, and then let EAServer
get hold of the authenticated username. As long as I know that the user
has been authenticated by the webserver, I am just interested in the username
to set up personalized settings, which entities the user shall be able
to access and so on. I have been writing a servlet application where the
user where authenticated by the webserver, and by calling request.getRemoteUser()
I was able to get his username. This is more or less what I would like
At the moment I am using OS authentication, but this forces all my users
to logon to my system with their NT-domain username/password, which actually
gives me the possibility to get hold of them. I don't think the domain
admins are satisfied with the solution.
"Dave Wolf [Sybase]" wrote:
This would not be allowed
in an Applet unless you sign it and request special permissions to make
native method calls. JavaSoft prevented such functionality in Applets
because of the serious security risk. Imagine if the downloaded applet
grabbed your username and password and sent it back to the server, or worse
yet, another server. Now EAS itself can use the
NT security registry for its users and passwords.
Dave WolfInternet Applications Division
S. Brunvoll" <firstname.lastname@example.org> wrote
in message news:38E0598B.7C6928CE@avenir.no...Is
it possible to get hold of the NT username (and password?) from an applet
client application? I would like to use single sign-on in my application,
so that the username in my application is the same as the users NT-username.
My production environment is NT 4, IIS and EAServer.
I have been doing this with a servlet-application (JRun) running under
IIS before, but is this still possible when client communication is over
IIOP? Any recommendation of books or other resources regarding the subject
will be appriciated.