Getting Principal into Session

[Cindy <ms...@yahoo.com>]

According to servlet spec, the only way to tell if a request has been 
authenticated is request.getUserPrincipal() returning a non-null Prinicpal 
object.  Is it possible to obtain such an object from the current HttpSession 
instead?  Or, I should say is there any facility provided by Tomcat to copy the 
Principal from request into the session.  It is more natural to associate the 
user principal with its session.  For example, an administration servlet having 
a reference to a session object can enquire the principal attribute to 
determine whom the session belong to.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org