You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@geronimo.apache.org by "Ludwig Laman (JIRA)" <de...@geronimo.apache.org> on 2005/09/16 13:13:58 UTC

[jira] Commented: (GERONIMO-1014) problems getting the UserPrincipal for servlets and struts

    [ http://issues.apache.org/jira/browse/GERONIMO-1014?page=comments#action_12329532 ] 

Ludwig Laman commented on GERONIMO-1014:
----------------------------------------

This is how it goes:

1. Deploy the war.
2. Browse to http://localhost:8080/sampleWebApp
3. Login as system/manager
4. Browse to http://localhost:8080/sampleWebApp/index.jsp (pardon this but you're already logged in). This displays the jsp page and stating which user is logged in. In this case, It always say "You are not currently logged in" but you are inside the web-app already.
5. Click the "user servlet" and you should have a forbidden access. Now, click the "admin servlet" and you should have the access to the "admin" page. You should also see the authenticity of role against to users, which means that an "admin" user is logged-on.
6. Click the "home" link to go back to index.jsp, but still, it doesn't display which user is logged but the fact is an "admin" user is logged on.

This is just a part of a sample application using servlet and struts. It was deployed to Tomcat 5 and Jetty 5.1.5 and both appservers performed the "normal" behavior for this webapp. I'm not sure if it has something to do with the principal for this kind of behavior.

> problems getting the UserPrincipal for servlets and struts
> ----------------------------------------------------------
>
>          Key: GERONIMO-1014
>          URL: http://issues.apache.org/jira/browse/GERONIMO-1014
>      Project: Geronimo
>         Type: Bug
>  Environment: WinXP, Geronimo-M4
>     Reporter: Ludwig Laman
>  Attachments: sampleWebApp.war
>
> When logging in to a simple servlet/struts application, getting the user is lost through session/cookies(I think) after transferring to another servlet/strut page, but the user is still logged in. I'm not sure why this is happening but it might be related to org.apache.geronimo.jetty.JAASJettyPrincipal class. 

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira