Request.getUserPrincipal () received null

Question

Request.getUserPrincipal () received null

The user has successfully authenticated, but after authentication, when I go to the next controller, I received request.getUserPrincipal() null. I am using websphere 7 and my application is in spring mvc.

  System.out.println("subject.getPrincipals(): " + subject.getPrincipals()); WSSubject.setRunAsSubject(subject);

After authentication in the input controller, subject.getPrincipals () returns the principal, but when I go to the next controller, I received request.getUserPrincipal() null.

web.xml

 <security-role> <role-name>Administrator</role-name> </security-role> <security-constraint> <display-name>manager_Service</display-name> <web-resource-collection> <web-resource-name>manageservice</web-resource-name> <url-pattern>/manageServiceList.htm</url-pattern> </web-resource-collection> <auth-constraint> <role-name>Administrator</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>

application.xml

 <security-role> <role-name>Administrator</role-name> </security-role>

IBM applications bnd.xml

 <security-role name="Administrator"> <group name="Administrator" /> </security-role>

The user belongs to the Administrator group. All of my deployment descriptors are configured well. Any idea where I get the error?

+4

java spring java-ee security

Muhammad Imran Tariq Oct 17 '11 at 14:10

source share

2 answers

This means that you protect only one URL /manageServiceList.htm , so if a user accesses another URL, then there should be no principal.

+3

Ralph Oct 17 '11 at 16:45

source share

Muhammad Imran Tariq · Accepted Answer · 2011-10-21T07:35:16+0000

Creating and configuring a custom JAAS login module solves the problem. See Listing 4 here.

I don't know what the problem is with my previous code.

Request.getUserPrincipal () received null

More articles: