On Wed, Nov 12, 2008 at 5:34 PM, Christopher Schultz < [EMAIL PROTECTED]> wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Arash, > > Arash Bizhan zadeh wrote: > > Sure [reading the servlet API] might help. Reading my mail would have > helped too. I need the > > Subject not the principal. > > Ouch. You're gonna get the cold shoulder with that kind of snarkiness. > Your original message said "authenticated user" in the body. > > A quick look through Tomcat's source code shows: > > $ grep SUBJECT_ATTR `find java/ -name "*.java"` > java/org/apache/catalina/connector/Request.java: > session.getAttribute(Globals.SUBJECT_ATTR) == null) { > java/org/apache/catalina/connector/Request.java: > session.setAttribute(Globals.SUBJECT_ATTR, subject); > java/org/apache/catalina/security/SecurityUtil.java: > (Subject)session.getAttribute(Globals.SUBJECT_ATTR); > java/org/apache/catalina/security/SecurityUtil.java: > session.setAttribute(Globals.SUBJECT_ATTR, subject); > java/org/apache/catalina/session/StandardSession.java: > Globals.SUBJECT_ATTR > java/org/apache/catalina/Globals.java: public static final String > SUBJECT_ATTR = > > Taking a quick look at these classes shows that this: > > > getSession().getAttribute(Globals.SUBJECT_ATTR); > Tomcat 5.5.26, returns null as subject. I have security constraints on web.xml and developed a JAAS module to login, so I guess the subject is not null. Any suggestions? > should work. Of course, there's always a chance that the subject is > null. In most cases in the code, when the Subject is null, a new Subject > object is created with no arguments and thrown into the session under > the Globals.SUBJECT_ATTR key. > > - -chris > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iEYEARECAAYFAkkbWgUACgkQ9CaO5/Lv0PB7ywCfWsw8lOmT2rg85wddJ+n3C6xL > PWsAn1KdKrcv+mErYjOjaNMAonGYE/yS > =nnOG > -----END PGP SIGNATURE----- > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- The dirtiest book of all is the expurgated book. ---- Walt Whitman