I can't say without seeing what your code is doing. The SecurityAssociation api is really not a public api. Its a thread local in the server so you cannot be seeing another thread's association. The request.getUserprincipal() is null whenever you access an unsecured page.
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3835857#3835857 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3835857 ------------------------------------------------------- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
