tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 12428] request.getUserPrincipal(): Misinterpretation of specification?
Date Fri, 01 Apr 2011 21:07:22 GMT

--- Comment #30 from Christopher Schultz <> 2011-04-01 17:07:10
EDT ---
Fascinating reading. My question would be: why does anyone want to have a
resource that doesn't need authentication (no security-constraint) but then
checks the authentication status, anyway (calls getPrincipal, isUserInRole,

If this "bug" was really ruining anyone's day, isn't it a simple matter of
providing an aliased URL to the same resource that /is/ protected by a
security-constrains and always sending authenticated users to /that/ URL

Glad the 9-year saga is over...

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message