tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier>
Subject Re: of the different methods to get a user-id
Date Thu, 12 Feb 2009 14:51:54 GMT
Tim Funk wrote:
> Personally -
> I would expect
> request.getRemoteUser() == request.getUserPrincipal().getName()
> But there no literature which says that must be so. 

And the reality shows it isn't.
So somehow there must be two distinct underlying "thingies" in Tomcat 
where the two different answers are coming from.

So in that absence
> of that - you'll probably need a RemoteUserHackFilter to unify the 
> various behaviors and then you standardize on one model and 
> RemoteUserHackFilter would adapt to that.
What worries me is not so much my own code, which I can indeed adapt.
What worries me more is other webapps which I do not write.

Somehow it seems to me that there is some inconsistency there.  It seems 
to me that a webapp should have one source it should be able to rely on 
for a user-id, and not have to hack, no ?

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message