-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Mark,
On 9/9/15 9:43 PM, Pottinger, Hardy J. wrote: > It doesn't matter which Authenticator is installed, they all behave > the same way. The user name from httpd is used to populate the > remote user name and the user principal and the user principal > being set is what bypasses most of the authentication code. > > All of the authenticators will cache the Principal in the session > if one exists but none of them (apart from FORM) should ever create > one. > > The authenticator you will get will depend on whatever is in > web.xml. So, it looks like there is no auth-type specified in web.xml, so what does the app get? It looks like *something* is in there, given the stack trace provided. - -chris -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJV8aQbAAoJEBzwKT+lPKRY5oIQAIoGHHBsxESORGC/Nsaa5O5O 8I2SL6iHcmjw8d8SE8pVGuY6B4W0w49LMy2px3bar5Z8NMwrWGDwj9s01H0+lN6b f7ZtmZsfLTFGmlpOqkpcHqhSsedO8NqEIO3/e84nwKKtbOQFdragJ48qkJ/oYk4w /PMjAosH2kE/egwXHg2dGzy5WCox91CI2f/4JZjXlsrZikEErMdqS9zoYAUt7tlD JFUrcSey9T0V0JfoqSv0CTV2kRtI/B2LcOuh5eQqyUks2mQvb08BKPoGp1PM4DjK 1sX7IpTUurc8eGsDSBSd/wciUU47bhPmK1YmyN3EwqxIGsN82C2EVe+t/N3gFhoe PiUtofF3nwOCfSHPUiiNnTpHYIetgNUpCkdbmnwgV1dEvWTyWCCMWvIoPAztozkO zIz2Qr6K5Lyy2no5+zPpOdipeMlZ5rXvEXBDFGpmtmlAKwphcz1/SxNV+YDgqmnT KHcorZ/oltH/qyAPWZeu8/Hu6tQgb9Ua8kAayE0sK38grXI7kJHNlQyPldxYZjKB TG2IGQd46XyJKSt6nA53hmbMPFhIwPl2MvgLzQ5j7lrlO64TCaCRtQwi9pCjRGHL d/BWRVPXEABRdIKoxG/beFRaob/h4TkIvcOChqUe+lHJ+/3NGjQLmhVSFYseCFbK eyK7kji4cGdJF5iH3Ayn =J6nA -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org