DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23192>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23192 getRemoteUser() returns null with Authorization header ------- Additional Comments From [EMAIL PROTECTED] 2003-09-19 11:27 ------- Yes I think you are right, apparently this is not supported in J2EE. I also did some testing in Websphere and it behaves exactly the same way. I guess I will have to implement my own security by accessing the username/password from the Authorization header and/or JSESSIONID. I don't see any other way but to re- implement basically all the declarative security model in my application. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]