1 Reply Latest reply on Jan 17, 2006 8:59 PM by Jean Croteau

    anonymous authentication

    mron0210 Newbie

      Does JBoss support the notion of anonymous authentication for Servlet and EJB. I couldn't find any information on anonymous user support in the documentation. Say a user is not authenticated and tries to access a public page, what does getUserPrincipal()/getCallerPrincipal() return ?

        • 1. Re: anonymous authentication
          Jean Croteau Newbie

          I think that in your jboss-web.xml or jboss.xml files, you can specify the default principal to be used when not authenticated using the <unauthenticated-principal> xml tag.

          When you call the getUserPrincipal, the getName method should in theory return whatever value is in your unauthenticated-principal tag.

          Look into the DTD for the XML or in the JBoss documentation on security, there should be some helpful things in there.