-
1. Re: request.getUserPrincipal returns null
gfzhang Apr 14, 2004 8:24 PM (in response to jbosslogin)It seems that the request.getUserPrincipal() will return non-null value only when you request the protected resource secured by <security-constraint> in web.xml on JBoss even if the user sent the request has been authecticated.
-
2. Re: request.getUserPrincipal returns null
starksm64 Apr 14, 2004 9:42 PM (in response to jbosslogin)A JAAS login in a filter does not affect the request getUserPrincipal value as this is only set in the web container has authenticated the caller and this occurs before the filter is called. The only way getUserPrincipal returns non-null is when secured content is being accessed.
-
3. Re: request.getUserPrincipal returns null
jbosslogin Apr 15, 2004 7:27 AM (in response to jbosslogin)<<
A JAAS login in a filter does not affect the request getUserPrincipal value as this is only set in the web container has authenticated the caller and this occurs before the filter is called.
>>
I am doing the programmatic JAAS authentication not declarative way. The security filter gets the username and the password from the callbackhandler and passes to the loginContext. Right after that, in the same filter, if I call request.getUserPrincipal, it returns me null. However, I could get the Subject from the loginContext in the same filter.
<<
The only way getUserPrincipal returns non-null is when secured content is being accessed.
>>
I have secured all the pages by defining in the filter mapping as /*
Thanks in advance! -
4. Re: request.getUserPrincipal returns null
montia Apr 19, 2004 7:32 PM (in response to jbosslogin)I am doing programmatic authentication using filters as well. I work with JBoss 3.2.1 and I can see the same behaviour.
I tried using JBoss 3.2.4RC1 as it seemed from a couple of threads I read that the behaviour might be different when using a more up-to-date version of JBoss. I saw the same behaviour on the first go, and I didn't have too much time to waste on that, so I'm back to using 3.2.1
I decided to use the Subject to get the roles immediately after authentication succeeds and then add those roles to the user session. It was a bit of a pain retrieving all the roles from the Subject, but I need to do it just once so that's ok.
I found the following link in one of the threads here, but I did not try it out. Just in case you're interested:
http://www.huchley.com/nerds/jboss.jsp#isUserInRole
Ciao! -
5. Re: request.getUserPrincipal returns null
erik777 Apr 20, 2004 8:33 PM (in response to jbosslogin)I'm a little confused. I thought JBoss 3.2.x used J2SE 1.4 and J2EE 1.3. Does it use all or some of J2EE 1.4? I checked the API docs for 1.3 and 1.4, and I only saw response.getUserPrincipal() on 1.4.
-
6. Re: request.getUserPrincipal returns null
claude.glauser Apr 21, 2004 4:43 PM (in response to jbosslogin)It is HttpServletRequest, not the HttpResponse, which offers this mehtod (J2EE 1.3).
-
7. Re: request.getUserPrincipal returns null
erik777 Apr 21, 2004 5:01 PM (in response to jbosslogin)I was thinking request, but typed response. Don't know how I found it in 1.4 but not in 1.3. :)
http://java.sun.com/j2ee/sdk_1.3/techdocs/api/javax/servlet/http/HttpServletRequest.html#getUserPrincipal() -
8. Re: request.getUserPrincipal returns null
sachin1506 Jan 1, 2009 11:49 PM (in response to jbosslogin)hey jasslogin ...
did you find the solution infact am also having same issue while working on jboss3.2.6