Christopher Schultz wrote:
> Arash,
>
> Arash Bizhan zadeh wrote:
>> Sure [reading the servlet API] might help. Reading my mail would have helped
>> too. I need the
>> Subject not the principal.
>
> Ouch. You're gonna get the cold shoulder with that kind of snarkiness.
> Your original message said "authenticated user" in the body.
>
> A quick look through Tomcat's source code shows:
>
> $ grep SUBJECT_ATTR `find java/ -name "*.java"`
> java/org/apache/catalina/connector/Request.java:
> session.getAttribute(Globals.SUBJECT_ATTR) == null) {
> java/org/apache/catalina/connector/Request.java:
> session.setAttribute(Globals.SUBJECT_ATTR, subject);
> java/org/apache/catalina/security/SecurityUtil.java:
> (Subject)session.getAttribute(Globals.SUBJECT_ATTR);
> java/org/apache/catalina/security/SecurityUtil.java:
> session.setAttribute(Globals.SUBJECT_ATTR, subject);
> java/org/apache/catalina/session/StandardSession.java:
> Globals.SUBJECT_ATTR
> java/org/apache/catalina/Globals.java: public static final String
> SUBJECT_ATTR =
>
> Taking a quick look at these classes shows that this:
>
>> getSession().getAttribute(Globals.SUBJECT_ATTR);
>
> should work. Of course, there's always a chance that the subject is
> null. In most cases in the code, when the Subject is null, a new Subject
> object is created with no arguments and thrown into the session under
> the Globals.SUBJECT_ATTR key.
The logical questions that follow are: what is your login config, which
Realm are you using and which type of Authenticator?
p
> -chris
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
