I am encountering a strange security problem when trying to submit a form to
an action. This JSP is as follows:
<%= request.getUserPrincipal().getName() %>
<form action="/edm/ebb/upload.do" method="POST">
<table width="75%" border="1">
<tr>
<td><bean:message key="upload.from"/></td>
<td><input type="text" name="from"/></td>
</tr>
<tr>
<td><bean:message key="upload.to"/></td>
<td><input type="text" name="to"/></td>
</tr>
<tr>
<td><bean:message key="upload.version"/></td>
<td><input type="text" name="version"/></td>
</tr>
<tr>
<td><bean:message key="upload.file"/></td>
<td><input type="file" name="input-data"></td>
</tr>
</table>
<input type="submit" value="Submit"/>
</form>
<html:link forward="ups">upload</html:link>
The strange thing is this:
When this page is loaded, and I am ligitimatly logged in, the name of the
UserPrincipal is displayed as it should be. However, if I submit the form,
the appropriate action class is called, but when I invoke
request.getUserPrincipal()...it returns null. Notice the last line of the
HTML, it has a link that points to the same action class...when it is
clicked, the principal is propogated to action and it is NOT null.
Can anyone help me out with this? I would like the post to work correctly.
Thanks!
Aaron.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
