tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 12428] New: - request.getUserPrincipal(): Misinterpretation of specification?
Date Mon, 09 Sep 2002 09:28:18 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=12428>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=12428

request.getUserPrincipal(): Misinterpretation of specification?

           Summary: request.getUserPrincipal(): Misinterpretation of
                    specification?
           Product: Tomcat 4
           Version: 4.0.4 Final
          Platform: PC
        OS/Version: Windows NT/2K
            Status: NEW
          Severity: Normal
          Priority: Other
         Component: Catalina
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: dylan@van-iersel.org


When calling request.getUserPrincipal() from an unprotected resource, the method returns 
null even when the user is actually authenticated.

>From Servlet 2.3 spec:
public 
java.security.Principal getUserPrincipal()
Returns a java.security.Principal object 
containing the name of the current
authenticated user. If the user has not been authenticated, 
the method returns
null.

My interpretation would be that once a user has been 
authenticated, a call to getUserPrincipal() would always return the associated Principal 
object whether it is from a protected or unprotected resource.

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message