ok got it, that's the way tomcat JAASRealm works (in fact this sentence is a little shortcut to say the relative hierarchy)
basically if you create a session before the login it will work. here the login is called, there is no session so the principal is not cached in the session. *Romain Manni-Bucau* *Twitter: @rmannibucau <https://twitter.com/rmannibucau>* *Blog: **http://rmannibucau.wordpress.com/*<http://rmannibucau.wordpress.com/> *LinkedIn: **http://fr.linkedin.com/in/rmannibucau* *Github: https://github.com/rmannibucau* 2013/3/13 Romain Manni-Bucau <[email protected]> > sorry, my fault, gmail was hiding it > > *Romain Manni-Bucau* > *Twitter: @rmannibucau <https://twitter.com/rmannibucau>* > *Blog: **http://rmannibucau.wordpress.com/*<http://rmannibucau.wordpress.com/> > *LinkedIn: **http://fr.linkedin.com/in/rmannibucau* > *Github: https://github.com/rmannibucau* > > > > 2013/3/13 André Zimmermann <[email protected]> > >> I already shared the full example in a previous post from Mar 12, 2013; >> 9:43am. >> >> I also described, how to use it. >> >> > please share the full sample ready to run >> >> >> >> -- >> View this message in context: >> http://openejb.979440.n4.nabble.com/tomcat-openejb-security-integration-directions-tp4656113p4661493.html >> Sent from the OpenEJB Dev mailing list archive at Nabble.com. >> > >
