I have a jsp (login page) where I do login in my application. Its works OK. I'm using debug to follow its.
When I pass of a jsp to a servlet or jsp to jsp in many cases I lost the user after login.
I'm using: request.getRemoteUser()
In some cases it returns null, in others returns the correct user. When it returns null, sometime after my application recovers the user.
Is it a security problem when I lost my user??
How can I do to keep user???
These case when it returns null, happen to be pages that are not secured i guess? getRemoteUser() is returning null there by specification.