You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Per Steffensen <st...@designware.dk> on 2003/08/23 12:39:59 UTC

request.getRemoteUser() only non-null on protected pages

Hi

Im using the JBoss-3.0.3/Tomcat-4.1.12 bundle. I use declarative protection of some of my JSPs. It all works fine.

After logging on I can use reqeust.getRemoteUser() to read the username of the logged in user. BUT ONLY when the shown page is a protected page. If the page is not protected request.getRemoteUser() just returns null, even though the user have logged in.

Why is that?
What can I do to be able to get hold of the username on non-protected pages?

Searching the net (including this mailing list), I have only been able to find one suggestion to solve the problem:
Save the username my self on session scope from a protected page.
The problem with this solution is that it would force me to place "the username saving code" on all my protected pages, to be sure that the username is always saved. That is a pretty stupid solution.

Using WebLogic 6.1 request.getRemoteUser() returns the username of the logged in user, regardless of the page beeing protected or not. Why is Tomcat not acting the same way?

Kind Regards
Per Steffensen