You need to set up what the authentication method is, ie the equivalent of the <login-config><auth-method/></login-config> in web.xml. The default is basic authentication. If you want to use sessions to maintain the authentication state, then configure FORM authentication, either in web.xml or by setting an instance of https://www.eclipse.org/jetty/javadoc/9.4.26.v20200117/org/eclipse/jetty/security/authentication/FormAuthenticator.html on the SecurityHandler.
Jan On Mon, 10 Feb 2020 at 23:12, Wang Yicheng <[email protected]> wrote: > Thanks Joakim! > > Yes I do have a customized login module following JAAS spec. So it seems > the missing session is causing the problem. Then my question is: With > default configuration, does Jetty generate session automatically for > authenticated user? Or is my code responsible for doing that? > > I actually published another question here > <http://jetty.4.x6.nabble.com/HttpServletRequest-Returns-NULL-Principal-After-Logging-In-td4968503.html> > which contains more details about my issue. Any help is highly appreciated! > > Best > > On Mon, Feb 10, 2020 at 1:11 PM Joakim Erdfelt <[email protected]> wrote: > >> If using Servlet authentication (or JAAS) the principal would be set. >> >> If you are using a 3rd party web library (like spring) then odds are you >> are not integrating with Servlet security. >> >> Joakim Erdfelt / [email protected] >> >> >> On Mon, Feb 10, 2020 at 2:05 PM Yicheng Wang <[email protected]> >> wrote: >> >>> Hi team, >>> >>> My question is as the subject state. My issue is the login request does >>> have >>> the principal by calling getUserPrincipal. But after logging in, the >>> second >>> request has a null principal. Besides, neither of the requests have >>> sessions. So I'm wondering if Jetty uses session information to set the >>> principal in HTTP request. Do appreciate your help! >>> >>> Best >>> >>> >>> >>> -- >>> Sent from: http://jetty.4.x6.nabble.com/Jetty-User-f3247280.html >>> _______________________________________________ >>> jetty-users mailing list >>> [email protected] >>> To change your delivery options, retrieve your password, or unsubscribe >>> from this list, visit >>> https://www.eclipse.org/mailman/listinfo/jetty-users >>> >> _______________________________________________ >> jetty-users mailing list >> [email protected] >> To change your delivery options, retrieve your password, or unsubscribe >> from this list, visit >> https://www.eclipse.org/mailman/listinfo/jetty-users > > _______________________________________________ > jetty-users mailing list > [email protected] > To change your delivery options, retrieve your password, or unsubscribe > from this list, visit > https://www.eclipse.org/mailman/listinfo/jetty-users -- Jan Bartel <[email protected]> www.webtide.com *Expert assistance from the creators of Jetty and CometD*
_______________________________________________ jetty-users mailing list [email protected] To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users
