I have recently noticed that when you have a site with both protected and unprotected pages that getRemoteUser returns null on the unprotected pages eventhough I have authenticated against a protected page. isUserInRole also does not work.
Is there a way I can determine who is logged in when I access an unprotected url? To answer my own Q, I supose I could create an object and store it in the session then access later, but is there another way? Ultimately I would like to present a dynamic menu in which administrators see a different menu than regular joe users. The menu is part of every page in this case. I would simple like to hide "admin only" sections so regular users don't see them. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
