You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by BugRat Mail System <to...@cortexity.com> on 2001/01/12 18:25:46 UTC

BugRat Report #752 has been filed.

Bug report #752 has just been filed.

You can view the report at the following URL:

   <http://znutar.cortexity.com/BugRatViewer/ShowReport/752>

REPORT #752 Details.

Project: Tomcat
Category: Bug Report
SubCategory: New Bug Report
Class: swbug
State: received
Priority: high
Severity: critical
Confidence: public
Environment: 
   Release: Tomcat 3.2.1
   JVM Release: 1.2.1_04
   Operating System: Solaris
   OS Release: ???
   Platform: SPARC

Synopsis: 
User Principal incorrectly Maintained

Description:
I'm using the JDBCRealm and everything seems to work OK, but I'm actually dynamically generating info not just on the Role (which works fine), but the user itself.  I'm getting the current user by calling request.getUserPrincipal().getName().  I have a user jim and jones both in the same role.  If I log in as jim first, then the principal returns jim even if I log out (change or close the browser) and then log in as jones.  You can see (below) that the realm is fine and shows the correct user logged in and authenticated with the correct role, but then at the bottom when I call request.getUserPrincipal().getName() I don't get the correct user.


2001-01-12 11:36:26 - ContextManager: JDBCHashRealm: Authentication successful for user jones
2001-01-12 11:36:26 - ContextManager: JDBCHashRealm: Auth ok, user=jones
2001-01-12 11:36:26 - ContextManager: JDBCHashRealm: Controled access for jones R( /bow + /reviewer/images/favB.gif + null) Ct ( )
2001-01-12 11:36:26 - ContextManager: JDBCHashRealm: Auth ok, first role=BOWReviewer
2001-01-12 11:36:26 - ContextManager: JDBCHashRealm: Authentication successful for user jones
2001-01-12 11:36:26 - ContextManager: JDBCHashRealm: Auth ok, user=jones
2001-01-12 11:36:26 - ContextManager: JDBCHashRealm: Controled access for jones R( /bow + /reviewer/images/bow.gif + null) Ct ( )
2001-01-12 11:36:26 - ContextManager: JDBCHashRealm: Auth ok, first role=BOWReviewer
2001-01-12 11:36:44 - ContextManager: JDBCHashRealm: Authentication successful for user jones
2001-01-12 11:36:44 - ContextManager: JDBCHashRealm: Auth ok, user=jones
2001-01-12 11:36:44 - ContextManager: JDBCHashRealm: Controled access for jones R( /bow + /reviewer/review.do + null) Ct (action(org.apache.struts.action.ActionServlet/null) )
2001-01-12 11:36:44 - ContextManager: JDBCHashRealm: Auth ok, first role=BOWReviewer
*** Current User Principal: jim