request.getUserPrincipal() got null
Solution 1
Creating and configuring custom JAAS login module solves problem. See Listing 4 here
Don't know what was the problem with my previous code.
Solution 2
It seams that you are guarding only one url /manageServiceList.htm
so if the user access an other url then there should be no principal at all.
Muhammad Imran Tariq
I am a passionate Senior Software Engineer. Majorly work in Java and BigData. I completed my masters degree in computer science and since then I developed various business application on different domains including financial systems, digitalsignage, security etc. I am also a good web developer and worked on different websites such as blogs, shopping carts. I have good understanding of programming languages and software development pros and cons.
Updated on July 09, 2022Comments
-
Muhammad Imran Tariq almost 2 years
User successfully authenticated but after authentication when I go to next controller I got
request.getUserPrincipal()
null. I am using websphere 7 and my application is in spring mvc.System.out.println("subject.getPrincipals(): " + subject.getPrincipals()); WSSubject.setRunAsSubject(subject);
After authentication in login controller subject.getPrincipals() returns principal but when I go to next controller I got
request.getUserPrincipal()
null.web.xml
<security-role> <role-name>Administrator</role-name> </security-role> <security-constraint> <display-name>manager_Service</display-name> <web-resource-collection> <web-resource-name>manageservice</web-resource-name> <url-pattern>/manageServiceList.htm</url-pattern> </web-resource-collection> <auth-constraint> <role-name>Administrator</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>
application.xml
<security-role> <role-name>Administrator</role-name> </security-role>
ibm-application-bnd.xml
<security-role name="Administrator"> <group name="Administrator" /> </security-role>
User belongs to Administrator group. All my deployment descriptors are set up well. Any idea where I am getting mistake?