Well, if there are no hints, here is my view.
I checked the code for locations where org.apache.catalina.Globals.SUBJECT_ATTR
(or the String "javax.security.auth.subject") is used. There are seemingly two
locations:
- org.apache.catalina.connector.Request.setUserPrincipal(...)
-
Hi,
I am playing around with the following things:
- X.509 authentication
- Security Manager enabled
- Custom JAAS login module via JAASRealm
My custom JAAS login module properly propagates a javax.security.auth.Subject
instance at commit() back. My aim is to use this
Thank you, Martin, for answering despite of the messed up email!
A short point to clarify: I am using JAASRealm, and a custom jaas.config file
which does not refer to AASMemoryLoginModule. So JAASMemoryLoginModule is also
not called.
As for my custom login module, I checked it, and it does
(noticed that my previous post on the same was somewhat garbled - reposting
reformatted) Hi, I am playing around with the following things: - X.509
authentication- Security Manager enabled- Custom JAAS login module via
JAASRealm My custom JAAS login module properly propagates a
Hi, I am playing around with the following things:- X.509 authentication-
Security Manager enabled- Custom JAAS login module via JAASRealm My custom JAAS
login module properly propagates a javax.security.auth.Subject instance at
commit() back. My aim is to use this javax.security.auth.Subject