What authentication method are you using? I'll take a wild guess at form. This thread provides a few workaround solutions for this:
http://www.theserverside.com/discussions/thread.tss?thread_id=32033 I suggest looking into writing your own filter and placing it above SecurityFilter in the stack and intercepting the redirect made by the security filter by subclassing HttpServletResponseWrapper. On Wed, Jul 30, 2008 at 3:58 PM, Guojun Zhu <[EMAIL PROTECTED]> wrote: > Hi, > > I am using realm for the authorization of my web application. I would like > to include a administration section for things like modifying the user > profile or password. I have several different user names associated with > two different roles. Both roles give the pass to the web pages. I am > wondering whether I can find out who is the login user in realm? So I do > not need the user to provide it again to entering the admin part. I am > using Tomcat 5.5 on a linux box. Thanks. > > Sincerely > Zhu, Guojun > -- Signed, Alessandro Ferrucci :)
