3 Replies Latest reply on Feb 27, 2004 2:32 PM by martin0

    how is principal cached for subsequent accesses to web appli

    martin0 Novice


      I'm using form based JAAS authentication on a struts application.

      I successfully login, and can still go to unchecked resources, but if I try to access another restricted resource I get a null principal.

      I'm using unauthenticatedIdentity for the unchecked stuff, but I don't know how the principal is maintained (by the container?) for subsequent actions.

      I'm reluctant to use the ClientLoginModule because
      a) it's not used the JavaWorld JAAS example from JBoss
      b) there is talk on the forum of thread pooling that implies is an unreliable solution.