[jboss-user] [Security & JAAS/JBoss] - Re: WebAuthentication only authenticates for a single reques
mjdinsmore
do-not-reply at jboss.com
Thu Jun 18 21:36:20 EDT 2009
Sorry, rereading what I wrote and it doesn't make sense. The Principal can be got from the request after successful authentication by calling
request.getPrincipal()
After successful authentication Principal is cached till the expiry of HttpSession -- no need for extra authentication till session expires.
But if you have other special requirements like preventing multiple sign on from different clients and such, then you'd have to to some work.
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4238643#4238643
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4238643
More information about the jboss-user
mailing list