[JBoss JIRA] Commented: (JBWEB-19) Make isUserInRole() and getUserPrincipal() available on unsecured pages

Friday, 5 February 2010

    [
https://jira.jboss.org/jira/browse/JBWEB-19?page=com.atlassian.jira.plugi...
] 

Jeff Schnitzer commented on JBWEB-19:
-------------------------------------

I pretty much single-handedly brought JBoss into Electronic Arts in 2002 (replacing
WebLogic) and Kink.com in 2006 (replacing PHP).  You've already lost the first one,
and you're on the verge of losing the second.  Before you piss on someone, you might
want to check to see if they are (or were) actual customers first.

...
 Make isUserInRole() and getUserPrincipal() available on unsecured
pages
 -----------------------------------------------------------------------

                 Key: JBWEB-19
                 URL: https://jira.jboss.org/jira/browse/JBWEB-19
             Project: JBoss Web
          Issue Type: Feature Request
      Security Level: Public(Everyone can see) 
          Components: Core
         Environment: Any
            Reporter: Jeff Schnitzer
            Assignee: Remy Maucherat

 Currently getUserPrincipal() returns null and ServletRequest.isUserInRole() always
returns false on unsecured pages, even after the user has been authenticated.
 It would be much more useful if these always returned proper values.  This confusion
comes up on the JAAS forums frequently. 
-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006