I'm not sure what problem you're having. Are you saying that after you specify your login when accessing a secured area, you then immediately (before session timeout) access an unsecured area that checks "role=admin" and thinks you don't have that role (I would be surprised if it did that)? Or is your first access (without an existing session) to the unsecured area? If that's the case, then there definitely won't be an existing principal. Did you think there would be?
-----Original Message----- From: Daniel Massie [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 4:27 PM To: [EMAIL PROTECTED] Subject: JAAS and roles attribute of logic:present I am using JAAS to login to the secure areas of my application, localhost:8080/app/admin with the role admin being required for access. Using <logic:present roles="admin"> within pages with localhost:8080/app/admin as the base url works perfectly, but when I try to use it in any other url localhost:8080/app the principle is null. Is it possible to manually add the JAAS subject to the HttpSession so that it can be used with the logic tags?If so by which key must it be added to the session? thanks Daniel -- Daniel Massie http://www.dmassie.org.uk http://jbay.dmassie.org.uk --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]