[jboss-jira] [JBoss JIRA] Commented: (JBWEB-19) Make isUserInRole() and getUserPrincipal() available on unsecured pages
Jeff Schnitzer (JIRA)
jira-events at lists.jboss.org
Fri Feb 5 14:15:19 EST 2010
[ https://jira.jboss.org/jira/browse/JBWEB-19?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12510726#action_12510726 ]
Jeff Schnitzer commented on JBWEB-19:
-------------------------------------
Thank you for illustrating why I've given up on JBoss. Glaring deficiencies of the spec are no longer opportunities to make a product better than everyone else's. Now they're an excuse to leave bad or broken behavior unfixed. If you want to know how IBM or Oracle got to be slow-moving behemoths with lousy products, this is it. Sad.
> Make isUserInRole() and getUserPrincipal() available on unsecured pages
> -----------------------------------------------------------------------
>
> Key: JBWEB-19
> URL: https://jira.jboss.org/jira/browse/JBWEB-19
> Project: JBoss Web
> Issue Type: Feature Request
> Security Level: Public(Everyone can see)
> Components: Core
> Environment: Any
> Reporter: Jeff Schnitzer
> Assignee: Remy Maucherat
>
> Currently getUserPrincipal() returns null and ServletRequest.isUserInRole() always returns false on unsecured pages, even after the user has been authenticated.
> It would be much more useful if these always returned proper values. This confusion comes up on the JAAS forums frequently.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list