tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Palumbo, Mark" <Mark.Palu...@roadway.com>
Subject RE: bug in getUserPrincipal()?
Date Mon, 18 Dec 2000 22:01:07 GMT
How did you "open" the second browser?  Did you ask your browser to spawn a
new browser window, or did you open a new one via an icon, system menu,
command line, etc.?

If you ask an IE browser to open a new window, the two "browsers" will share
the same cookie so tomcat will think they are the same user...



> -----Original Message-----
> From: Thom Park [mailto:tpark@borland.com]
> Sent: Monday, December 18, 2000 4:58 PM
> To: tomcat-user@jakarta.apache.org
> Subject: bug in getUserPrincipal()?
> 
> 
> Dear All,
> 
> I'm seeing some odd behavior from getUserPrincipal(). I have a simple
> servlet that calls:
> 
> getRemoteUser(), getUserPrincipal() and isUserInRole().
> 
> I've setup an appropriate web.xml and all is well until I access the
> same servlet from two web-browsers on the same machine.
> 
> In the first  browser, I login as user test1, in the second browser I
> log in as user tomcat.
> 
> In the first (correct) case, I see that the user is 'test1', the
> principal is 'test1' and the user is in role.
> In the second case, I see that the user is 'tomcat', but the principal
> is still 'test1'.
> 
> It seems to me that this is a bug (but I could be misconfiguring/using
> something wrong)..
> 
> Has anyone seen this behavior / can explain it such that I can
> understand this - am I misunderstanding the
> relationship between running servlets and connected clients?
> 
> 
> 

Mime
View raw message