You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Cindy <ms...@yahoo.com> on 2006/02/18 07:33:52 UTC
Getting Principal into Session
According to servlet spec, the only way to tell if a request has been
authenticated is request.getUserPrincipal() returning a non-null Prinicpal
object. Is it possible to obtain such an object from the current HttpSession
instead? Or, I should say is there any facility provided by Tomcat to copy the
Principal from request into the session. It is more natural to associate the
user principal with its session. For example, an administration servlet having
a reference to a session object can enquire the principal attribute to
determine whom the session belong to.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org