Hi Team, First of all, thank you for developing Jetty. I'm working on a project to replace WebLogic with Jetty, and I've been stuck with authentication for quite a while.
The previous project implements the JAAS interface and stores all user information with self-maintained files, instead of using realm. I tried to implement the login module with the same code. And I followed the official document to set the configuration, but without realm. The login part works fine. But after logging in, no matter what request I send to Jetty, principal is always null and thus the user is deemed as unauthenticated and is logged out. While for the login request, I do get the principal from the request. I have no idea about the root cause. Some of my guesses are as below. 1. I read the source code of AbstractLoginModule class, and there're a bunch of fields like currentUser etc. I guess I shouldn't implement LoginModule directly, as this breaks the inner mechanism of how Jetty integrates customized login module. 2. I'm missing some critical configurations of HTTP requests. 3. I also notice session is not working properly at this point. Does session have anything to do with null principal in the request? Do appreciate your kind help! Yicheng -- Sent from: http://jetty.4.x6.nabble.com/Jetty-User-f3247280.html _______________________________________________ jetty-users mailing list [email protected] To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users
