0 Replies Latest reply on Sep 15, 2001 1:29 PM by Alexander Sparkowsky

    Jboss 2.4.1a - Tomcat 3.2.2 principal=null

    Alexander Sparkowsky Newbie


      I have to come up with a problem we have since we use jboss (2.2.2 till now 2.4.1a).

      We have an application which consist of a server, a web-application (call it A) which authenticates using the SecurityDomain mechanism and another web-application (B) which logs into the server unsing a LoginContext().

      With A a SecurityException (principal=null) occures sporatically manly when the user doesn't send a request for a few minutes but before sessiontimeout is reached.

      With B the same exception occures more often. It consists of two requests. The first request logs into the server and creates a statefull SessionBeans (which itself creates Session- and EntityBeans) the second request useses this beans. The second request often failed untill Version 2.4.1(a) and fails everytime with JBoss 2.4.1a. I found out that the second request works everytime when I do a myLoginContext.login() just before the first call to my SessionBean.

      Unfortunately I'm not able to make this call in Servlet A as long as I do not start using a LoginContext.

      Do I really have to call myLoginContext.login() for each request, or is it a bug (or a feature ;-) )?