You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by Damian Minkov <da...@space-comm.com> on 2003/05/22 09:39:50 UTC

Re[3]: Action and Principal

Hello Craig,

Thursday, May 22, 2003, 1:58:44 AM, you wrote:



CRM> On Wed, 21 May 2003, Damian Minkov wrote:

>> Date: Wed, 21 May 2003 16:25:32 +0200
>> From: Damian Minkov <da...@space-comm.com>
>> Reply-To: Struts Users Mailing List <st...@jakarta.apache.org>,
>>      Damian Minkov <da...@space-comm.com>
>> To: Struts Users Mailing List <st...@jakarta.apache.org>
>> Subject: Re[2]: Action and Principal
>>
>> Hello Denis,
>>
>> Wednesday, May 21, 2003, 3:06:43 PM, you wrote:
>>
>> DA> Damian Minkov wrote:
>>
>> >>Hello struts-user,
>> >>
>> >>  I have this situation :
>> >>     JSP with <html:link ...> connected to an action which forwards
>> >>       me to another JSP and in the execute method in this action I
>> >>       call request.getUserPrincipal() and returns null.
>> >>     But in the first JSP (the one with the link) I call it too and
>> >>     everything is ok( is not null).
>> >>
>> >>     Is this normal? Or it is my mistake somewhere..
>> >>
>> >>
>> >>
>> >>
>> DA> Anything in the request for the first jsp would be gone by the time you
>> DA> reached the action you link to or the jsp the action forwards to.  You
>> DA> would need to either:
>>
>> DA> A) Retrieve userPrincipal in the first jsp, send it to the action
>> DA> somehow and then from action put it in the request to the second jsp.
>>
>> DA> or
>> DA> B) put the userPrincipal into the session (not request) in the action
>> DA> BEFORE the first jsp.
>>
>> DA> hth
>>
>> DA> Denis
>>
>> Yes but my question is why in the action when I call getPrincipal I
>> get null?
>>

CRM> Different containers behave differently in the following scenario, which
CRM> COULD be the explanation of what is happening to you (there is not enough
CRM> detail in your message to know for sure):

CRM> * Your user accesses a protected page, and gets authenticated.

CRM> * On the protected page, you can call request.getUserPrincipal()
CRM>   and see this information.

CRM> * Your JSP page redirects to a different JSP page that is
CRM>   *not* protected by a security constraint.

CRM> If you have an active Session, Tomcat will remember the authenticated
CRM> Principal and return it to the second page.  Other servers do not
CRM> necessarily do this.

>>
>> --
>> Best regards,
>>  Damian                            mailto:damian@space-comm.com
>>

CRM> Craig

The scenario is as Follows
    using JBoss/Tomcat
    JSP -> Action -> JSP
    Only the 'Action' is not protected.
    only at the firs JSP my userPrincipal is not null.

-- 
Best regards,
 Damian                            mailto:damian@space-comm.com



---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org