Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 3211 invoked from network); 22 Apr 2008 22:38:48 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 22 Apr 2008 22:38:48 -0000 Received: (qmail 21982 invoked by uid 500); 22 Apr 2008 22:38:37 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 21963 invoked by uid 500); 22 Apr 2008 22:38:37 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 21952 invoked by uid 99); 22 Apr 2008 22:38:37 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 22 Apr 2008 15:38:36 -0700 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of randomcodemonkey@gmail.com designates 74.125.46.155 as permitted sender) Received: from [74.125.46.155] (HELO yw-out-1718.google.com) (74.125.46.155) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 22 Apr 2008 22:37:53 +0000 Received: by yw-out-1718.google.com with SMTP id 9so1310560ywk.54 for ; Tue, 22 Apr 2008 15:37:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; bh=zlmEpTv4pO/ZVzPp7FPc8/nuiVmKwTAqbOtRttT/KCw=; b=TKvIPRE02P1lKrtNoibvbc5QKV3qXfQJoPurPiJ4hQlgESOhgGDHnSm6JXpNMSgAkL6zw0zNWBegtBLbjxeDmr79tuQGfP1cNZCF6h8uXEH+bkBwXy9mBLxJzMBqxoH3/YyKghIyztvTynmiISo0N7/HbLI+XhgmwW5GkfO6ZHw= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=Tz3I3IyQaExwgA1mNSEJtG1FUyTHB65l/N2Nc98iI1vAS90gND6a5shaOnokEgl22zctgyvYoJGNY/HEaaCDO2Xj0hA/TzpPzT75hG9Czy0g7yK1BLucfnzitXdGivy14QPJ6TaGtHQAC5cJinBZgLNgLF0wPt56sBnrtAIZado= Received: by 10.151.84.12 with SMTP id m12mr961681ybl.169.1208901942599; Tue, 22 Apr 2008 15:05:42 -0700 (PDT) Received: by 10.150.197.21 with HTTP; Tue, 22 Apr 2008 15:05:42 -0700 (PDT) Message-ID: <1c6767340804221505y6923c184o487aa6eb60860a96@mail.gmail.com> Date: Tue, 22 Apr 2008 18:05:42 -0400 From: FR To: users@tomcat.apache.org Subject: How to figure out if a user is authenticated when using single sign on? MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Virus-Checked: Checked by ClamAV on apache.org I recently attempted to upgrade our sites from tomcat 5.5.17, and at some point the behavior of request.getUserPrincipal() changed so it now returns null for all URLs except those declared to require authentication. (Actually, it seems like the behavior was changed long before 5.5.17, but regressed then was fixed again). That completely sucks and seems completely contrary to what the servlet javadoc implies, but whatever, deal with it or write my own container, I guess. The standard workaround mentioned is to place user information in session, but that won't work across webapps using Single Sign On. I have a bunch of webapps, only one of which is protected and requires login, the rest work fine without logging in, but display different information when the user is logged in. This worked great when getUserPrincipal returned a Principal on every URL after login, but I can't figure out any way to do it now. I can just pass the userid around in every URL, but that seems... not good... and involves changing a lot of links. Is there any way of seeing if a user has been authenticated (and get their username) that works across webapps? --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org