[
https://jira.jboss.org/browse/JBSEAM-3629?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12536654#action_12536654
]
Markos Fragkakis commented on JBSEAM-3629:
------------------------------------------
What if someone wants to use the J2EE security to populate the Seam Identity?
For example, I have a WebLogic authenticator, which I would like to "populate"
the Seam Identity. Then I would be able to use it within the application to
restrict access. How would this work?
> Since Seam v2.1.0, httpServletRequest.getUserPrincipal() is always returning
> null when using plain J2EE security
> ----------------------------------------------------------------------------------------------------------------
>
> Key: JBSEAM-3629
> URL: https://jira.jboss.org/browse/JBSEAM-3629
> Project: Seam
> Issue Type: Bug
> Components: Security
> Affects Versions: 2.1.0.GA
> Environment: Seam v2.1.0GA, WebSphere v6.1.0.17 (Without EJB3 FP), RF
> v3.2.2, facelets 1.1.14, JSF RI 1.2_09
> Reporter: Denis Forveille
> Assignee: Dan Allen
> Priority: Critical
> Fix For: 2.1.1.CR2
>
>
> Since v2.1.GA, it is not possible to use plain J2EE security.
> Now, httpServletRequest.getUserPrincipal() always return null and also
> @In
> UserPrincipal principal;
> does not work
> This is not working because the http request is wrapped in
> IdentityRequestWrapper (in IdentityFilter) and its getUserPrincipal() method
> is reading principal variable on Identity component.
> httpServletRequest.getUserPrincipal() should work when seam security is not
> use, and so we should have a way to "disable" Seam security
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
_______________________________________________
seam-issues mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/seam-issues
