Re: Get Security subject from Tomcat

Wed, 12 Nov 2008 15:12:13 -0800 

On Wed, Nov 12, 2008 at 5:34 PM, Christopher Schultz <
[EMAIL PROTECTED]> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Arash,
>
> Arash Bizhan zadeh wrote:
> > Sure [reading the servlet API] might help. Reading my mail would have
> helped too. I need the
> > Subject not the principal.
>
> Ouch. You're gonna get the cold shoulder with that kind of snarkiness.
> Your original message said "authenticated user" in the body.
>
> A quick look through Tomcat's source code shows:
>
> $ grep SUBJECT_ATTR `find java/ -name "*.java"`
> java/org/apache/catalina/connector/Request.java:
> session.getAttribute(Globals.SUBJECT_ATTR) == null) {
> java/org/apache/catalina/connector/Request.java:
> session.setAttribute(Globals.SUBJECT_ATTR, subject);
> java/org/apache/catalina/security/SecurityUtil.java:
>    (Subject)session.getAttribute(Globals.SUBJECT_ATTR);
> java/org/apache/catalina/security/SecurityUtil.java:
> session.setAttribute(Globals.SUBJECT_ATTR, subject);
> java/org/apache/catalina/session/StandardSession.java:
> Globals.SUBJECT_ATTR
> java/org/apache/catalina/Globals.java:    public static final String
> SUBJECT_ATTR =
>
> Taking a quick look at these classes shows that this:
>
> > getSession().getAttribute(Globals.SUBJECT_ATTR);
>

Tomcat 5.5.26, returns null as subject. I have security constraints on
web.xml and developed a JAAS module to login, so I guess the subject is not
null.
Any suggestions?


> should work. Of course, there's always a chance that the subject is
> null. In most cases in the code, when the Subject is null, a new Subject
> object is created with no arguments and thrown into the session under
> the Globals.SUBJECT_ATTR key.
>
> - -chris
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iEYEARECAAYFAkkbWgUACgkQ9CaO5/Lv0PB7ywCfWsw8lOmT2rg85wddJ+n3C6xL
> PWsAn1KdKrcv+mErYjOjaNMAonGYE/yS
> =nnOG
> -----END PGP SIGNATURE-----
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>


-- 
The dirtiest book of all is the expurgated book.
----
Walt Whitman

Reply via email to