Dear All,
I'm seeing some odd behavior from getUserPrincipal(). I have a simple
servlet that calls:
getRemoteUser(), getUserPrincipal() and isUserInRole().
I've setup an appropriate web.xml and all is well until I access the
same servlet from two web-browsers on the same machine.
In the first browser, I login as user test1, in the second browser I
log in as user tomcat.
In the first (correct) case, I see that the user is 'test1', the
principal is 'test1' and the user is in role.
In the second case, I see that the user is 'tomcat', but the principal
is still 'test1'.
It seems to me that this is a bug (but I could be misconfiguring/using
something wrong)..
Has anyone seen this behavior / can explain it such that I can
understand this - am I misunderstanding the
relationship between running servlets and connected clients?