I am using a Filter to do some URL rewriting. In the
filter, I accept a url like:
/user/x/resource/y [1]
and convert it to
/resource/y?user=x [2]
In the Filter, I create a RequestDispatcher using the
new url, and then call forward().
The servlet setup to handle "/resource" is set up for
Basic authentication in web.xml. It works fine when
calling the resource directly, that is, using url [2].
The servlet is called and the authentication works.
However, when requesting through the filter using
url [1] via POST (which is converted to [2]) the
authentication appears to be unavailable to the
servlet. That is, Tomcat is obviously authenticating
correctly because it is getting to the servlet's
doPost() method, but when I call
Principal principal = request.getUserPrincipal();
inside of doPost(), "principal" is equal to null.
It's as if the Filtering process is somehow clearing
the Principal value out of the HttpServletRequest object
even though it has been authenticated.
Oddly, this works fine with GET; the url rewriting is
done correctly, and calling getUserPrincipal()
returns a value that contains the username.
Am I doing something wrong? Is this a known bug or has any
one else seen this problem?
Thanks.
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
