User authentication is handled by the server (more
later).
Once a user has logged in with user/password you can get
his name and authentication type:
//get the user's name
publicStringHttpServletRequest.getRemoteUser();
//get the authtype
publicStringHttpServletRequest.getAuthType();
//it is one of BASIC, DIGEST, FORM, CLIENT-CERT.