Show TOC Start of Content Area

Procedure documentation Delaying User Authentication  Locate the document in its SAP Library structure

Use

The J2EE Engine’s Web Container enables users that are not authenticated to request Web applications resources, as long as these resources are not protected. If you have configured delayed authentication for the Web Container Service, you are logged in to the application only if the requested resource requires any login information (for example, you request a servlet that contains the HttpServletRequest.getRemoteUser() method to determine whether you are anonymous user or not and display the appropriate page). The login information is retrieved from the request. If no credentials are available with the request, you are not logged in.

You configure the user authentication delay using the DelayAuthentication property of the Web Container Service.

If authentication is not delayed, when the requested resource requires login information, you are not automatically logged in even if your login information is available with the request (the getRemoteUser() method in this case returns null). In this scenario, you will be forced to log in to the application when you attempt to access a protected Web resources collection.

Procedure

Use the Visual Administrator tool to configure the authentication delay:

...

       1.      Open the Properties tab of the Web Container Service.

       2.      Choose the DelayAuthentication property and enter the value of true to enable authentication delay, or false to disable it.

       3.      To add the new value to the list of properties, choose Update.

       4.      Choose This graphic is explained in the accompanying text (Save Properties) to save your settings.

 

End of Content Area