I am using a custom LoginModule whose commit() method looks like this:
Set ssoUserPrincipals = subject.getPrincipals(SSOUser.class);
Group callerPrincipal = new SimpleGroup("CallerPrincipal");
Iterator j = ssoUserPrincipals.iterator();
if (j.hasNext()) {
Principal user = (Principal) j.next();
callerPrincipal.addMember(user);
}
subject.getPrincipals().add(callerPrincipal);
SSOUser is the custom principal. This LoginModule is invoked by a Tomcat valve to perform authentication.
My web.xml snippet looks like this:
<servlet-mapping>
<servlet-name>SSOServlet</servlet-name>
<url-pattern>/SSOServlet</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>protected-resources</web-resource-name>
<url-pattern>/SSO*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
The HttpServletRequest.getUserPrincipal() in the doGet() of ..../SSOServlet returns null.
Am i missing something? Pls help.
Thanks
Himadri
Just to add ... i am using JBoss 4.0.2.
Thanks