[jboss-user] [Security & JAAS/JBoss] - Re: WebAuthentication only authenticates for a single reques

mjdinsmore do-not-reply at jboss.com
Thu Jun 18 21:36:20 EDT 2009

Sorry, rereading what I wrote and it doesn't make sense.  The Principal can be got from the request after successful authentication by calling


After successful authentication Principal is cached till the expiry of HttpSession -- no need for extra authentication till session expires. 

But if you have other special requirements like preventing multiple sign on from different clients and such, then you'd have to to some work.

View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4238643#4238643

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4238643

More information about the jboss-user mailing list