tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 42037] - User principal not always set correctly
Date Sun, 15 Apr 2007 19:17:13 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=42037>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=42037





------- Additional Comments From markt@apache.org  2007-04-15 12:17 -------
I don't see how this patch could fix the bug you are seeing. Neither subject nor
the session attribute Globals.SUBJECT_ATTR plays any part in getUserPrincipal().
Are you using a security manager? If you are, do you see the problem if you
don't use one?

I suspect that you have two requests in a session, the first authenticates the
user and the second calls getUserPrincipal(). If the call in the second request
is made to getUserPrincipal() before the first request completes then it will
return null.

Without a test case that demonstrates a valid user principal value being
overwritten with null or an explanation of *how* the patch fixes the issue, this
issue is going to get resolved as invalid.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message