0 Replies Latest reply on Oct 10, 2005 8:10 PM by Matthias Falkenberg

    getUserPrincipal() STILL returning null

    Matthias Falkenberg Newbie

      I know this topic came up many times in the past and I swear I read several dozens of topics. But still I could not solve my problem. Please help!

      ======
      my aim:
      ======
      Accessing the user's login name in the servlet that is secured by FORM based authentication.

      ============
      proposals found:
      ============
      1.)
      implementing a filter (related to the j_security_check servlet) to grab the j_username of the login page and to store it within the session

      2.)
      writing my own login module

      3.)
      using valves (-> but I have to use JBoss AS 3.2.7, and the page http://wiki.jboss.org/wiki/Wiki.jsp?page=CustomizingSecurityUsingValves says that this applies to 4.0.3+ only)

      4.)
      calling HttpServletRequest.getUserPrincipal() in the secured servlet

      ==========
      current choice:
      ==========
      I would really like to access the username as described in 4.
      But getUserPrincipal() returns null right after the redirect from j_security_check (I).
      BUT when I go back to the index.html and press the button to forward to the secured servlet again the method returns the correct username (II).

      I:
      index.html -> FORM based login -> secured servlet
      => getUserPrincipal() == null

      II:
      index.html -> secured servlet (authentication + authorization already done in step I)
      => getUserPrincipal() != null

      Any advice is welcome! Thanks,
      Matthias