java - How to get login attributes from a servlet/jsp

Question

Lately I've been working on implementing security for my web application, running on a Glassfish v3. I successfully managed to secure some resources by setting a basic authentication up like following:

<login-config>
<auth-method>BASIC</auth-method>
<realm-name>vcards-admin</realm-name>
</login-config>

Now I was wondering how to get the user name introduced on the login prompt to fecth the actual data of the user. I thought there could be a session attribute to get that piece of data, but I don't know which one it is.

Am I wrong about the session attribute? Is there any other way to access that login information?

Thanks in advance.

Answer 1

It's available by HttpServletRequest#getUserPrincipal() or its shorthand HttpServletRequest#getRemoteUser():

String name = request.getUserPrincipal().getName();
// Or
String name = request.getRemoteUser();

Equivalently in JSP EL:

${pageContext.request.userPrincipal.name}
<!-- or -->
${pageContext.request.remoteUser}