This content has been marked as final. Show 2 replies
I see in the release notes for 3.2.4RC1 it says:
Use the RealmMapping to obtain the CallerPrincipal mapping as the
Principal returned from the authenticate methods. This allows a custom
principal installed by a JAAS login module to be seen in the HttpServletRequest
I guess that is explaining the behaviour I see.
I'm not clear why this feature exists. Is it just a convenience thing to map the user name to some other name. In what scenario is that useful/necessary?
The 3.2.4RC1 behavior is the correct behavior and is the behavior seen in the ejb container all along. Since the caller has a caller principal mapping, this is what should be returned.