File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

USer credentials NULL

 
Kadapa Reddy
Greenhorn
Posts: 10
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,

I am trying to authenticate the user using basic authenticatio with J_security_check and it successful in my local machine.
When i deploy the same application to the Test server authentication is successful and goes to login action class and when i try to get the user id
using request.getUserPrincipal(), it always returns me null. I am sure that i am in the required role.

Any help would be greatly appreciated.
 
Paul Sturrock
Bartender
Posts: 10336
Eclipse IDE Hibernate Java
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Is your application a secured resource? By which I mean does it have <security-constraints /> defined and is security turned on on the test server? The Servlet specification mandates that the getUserPrincipal() method should return null in an unsecured application.
 
Kadapa Reddy
Greenhorn
Posts: 10
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes, MY Server,application is secured and invoking the secured resource. AS i said it is working fine in my local machine which is connectd to the same LDAP as test server.
 
Paul Sturrock
Bartender
Posts: 10336
Eclipse IDE Hibernate Java
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If what you say is correct, then WebSphere is departing from the specification - which would be a considerable surprise. I've never seen WAS return null for a thread running in a secure context after authentication is successful. Are you sure the server is configured correctly? If the application has security constraints defined correctly the only thing left that could go wrong is the server security configuration.
 
Kadapa Reddy
Greenhorn
Posts: 10
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I should be able to find a work around. If i invoke the application from index.jsp(which is welcome page and redirects to Login.jsp) and the credentials coming well.
If i invoke the application directly with Login.jsp, credentials coming as null even though Login.jsp is part of secured resource.
 
Paul Sturrock
Bartender
Posts: 10336
Eclipse IDE Hibernate Java
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

If i invoke the application directly with Login.jsp, credentials coming as null even though Login.jsp is part of secured resource.

Is Login.jsp your login page? If so, this is no surprise that the principal is null - that page would only ever be called before authentication, so is in effect unsecured.
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic