-
1. Re: principal null
bkbonner May 28, 2003 1:17 AM (in response to caugustin)I'm seeing the principal as null on unsecured pages after I'm authenticated (using the usersrolesloginmodule).
I think this is a bug in Tomcat 4.1.24 (and possibly 4.1.12). It works in 4.0.6, but when you use tomcat 4.1.24 standalone I get a null behavior. I'm not sure what happens wrt apache. -
2. Re: principal null
petertje May 28, 2003 8:14 AM (in response to caugustin)No, it's not a bug, it is in the spec. Search the forums for more info, this is question that is often raised.
Cheers
Peter -
3. Re: principal null
johndoekyrgyz Jun 18, 2003 4:48 AM (in response to caugustin)Hello everyone,
I am experiencing a similar problem. I login successfully and recieve an error message about a null principal. This message originates from the EJBs that my servlet tries to access. Pressing refresh in my browser a few times brings me to the right page and everything works fine. Why is the SecurityContext of my servlet not being propagated to the EJB layer right away? I am using JBoss 3.2.1 with integrated Tomcat.
Any suggestions or links to other resources would be appreciated.
John -
-
5. Re: principal null
johndoekyrgyz Jun 20, 2003 11:34 AM (in response to caugustin)The problem wasn't really a problem at all.
This is what was happening. In the constructor of my Struts action, which was triggerd on demenad when a user requested the url mapped to that action, I created a login context that was linked to the client-login realm defined in my login-config.xml file. There was another logincontext in play when this was happening. This was the logincontext created by the servlet container when the user loged in, using form authentication. In my jbossweb.xml file I had the servlet container logging into the CitiHopeSecurityDomain. The two logincontexts created unpredictable results. By removing the login in the struts action and reshuffling the security settings in the ejb-jar.xml file I was able to get it to work.