request.getUserPrincipal() got null


Solution 1

Creating and configuring a custom JAAS login module solves the problem. See Listing 4 here

I don't know what the problem was with my previous code.

Solution 2

It seems that you are guarding only one URL, /manageServiceList.htm, so if the user accesses another URL then there should be no principal at all.
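
An added example (not part of the original answers): a small Python check of the point made in Solution 2, listing which request paths the `security-constraint` from the question's web.xml covers. The `<web-app>` wrapper and the paths `/editService.htm` and `/login.htm` are constructed for illustration; HTTP-method restrictions and precedence between overlapping constraints are ignored.

```python
import xml.etree.ElementTree as ET

# The question's security-constraint, wrapped in a <web-app> root so it
# parses; the wrapper is constructed for this example.
WEB_XML = """<web-app>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>manageservice</web-resource-name>
      <url-pattern>/manageServiceList.htm</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>Administrator</role-name>
    </auth-constraint>
  </security-constraint>
</web-app>"""

def local(tag):
    """Strip an XML namespace so namespaced descriptors also work."""
    return tag.rsplit("}", 1)[-1]

def matches(pattern, path):
    """Servlet url-pattern rules: default (/), prefix (/x/*), extension (*.x), exact."""
    if pattern == "/":
        return True
    if pattern.endswith("/*"):
        prefix = pattern[:-2]
        return path == prefix or path.startswith(prefix + "/")
    if pattern.startswith("*."):
        return path.rsplit("/", 1)[-1].endswith(pattern[1:])
    return pattern == path

def constraint_patterns(xml_text):
    """Collect url-patterns from constraints that carry an auth-constraint."""
    patterns = []
    for el in ET.fromstring(xml_text).iter():
        if local(el.tag) != "security-constraint":
            continue
        if "auth-constraint" in {local(c.tag) for c in el.iter()}:
            patterns += [c.text.strip() for c in el.iter()
                         if local(c.tag) == "url-pattern" and c.text]
    return patterns

def unguarded(xml_text, paths):
    """Return the context-relative request paths no auth-constraint covers."""
    pats = constraint_patterns(xml_text)
    return [p for p in paths if not any(matches(pat, p) for pat in pats)]

if __name__ == "__main__":
    # Hypothetical controller paths; only the first appears in the question.
    print(unguarded(WEB_XML, ["/manageServiceList.htm", "/editService.htm", "/login.htm"]))
```

Paths are relative to the application's context root, as `url-pattern` values are.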


Updated on July 09, 2022

Comments

  • Muhammad Imran Tariq
    Muhammad Imran Tariq almost 2 years

    The user is successfully authenticated, but after authentication, when I go to the next controller, I get null from request.getUserPrincipal(). I am using WebSphere 7 and my application is in Spring MVC.

       System.out.println("subject.getPrincipals(): " + subject.getPrincipals());
    
       WSSubject.setRunAsSubject(subject);
    

    After authentication in the login controller, subject.getPrincipals() returns the principal, but when I go to the next controller I get null from request.getUserPrincipal().

    web.xml

    <security-role>
        <role-name>Administrator</role-name>
    </security-role>
    
    <security-constraint>
        <display-name>manager_Service</display-name>
        <web-resource-collection>
            <web-resource-name>manageservice</web-resource-name>
            <url-pattern>/manageServiceList.htm</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>Administrator</role-name>
        </auth-constraint>
        <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
    

    application.xml

    <security-role>
        <role-name>Administrator</role-name>
    </security-role>
    

    ibm-application-bnd.xml

    <security-role name="Administrator">
        <group name="Administrator" />
    </security-role>
    

    The user belongs to the Administrator group. All my deployment descriptors are set up well. Any idea where I am making a mistake?