Losing user ID info between Servlets

I have one servlet which is getting the user ID from request.getRemoteUser(). This works fine. This servlet is secured by virtue of being in the <web-resource-collection> in the web.xml. The authentication happens via a login form and JAAS.

However I have a second servlet which is also getting the user ID with request.getRemoteUser(), but when this servlet is called it gets null for the user ID. This happens when I call the second servlet right after the first servlet which is working, so the session must the same (and hence the same user ID I assume). I can't imagine why this info is being lost, I thought that this remote user info was the same for every request in the session.

Can anyone suggest what might be happening ? Is the user info not available for the second servlet because it is not part of the <web-resource-collection> entry ? Thanks in advance for any ideas.


-James

I've encountered this problem due to a variety of causes, and you'll have to provide more information.

Have you verified that the session id is the same by printing it out?
Which app server are you using? Websphere will only return the remote user in secured directories, not unsecured ones.
Did you call the second servlet via the window.open() javascript? In IE this doesn't pass the session id so a new one is created.

Or any of a number of other causes!

Dave

It seems that the problem was that one servlet was being secured and the other was not, and the remote user information was only available to the servlet which was secured (by virtue of being in the <web-resource-collection> entry in web.xml). I have made the <url-pattern> match all resources (/*) and now the user info is available between all servlets and pages.

-James