Hi Im using the JBoss-3.0.3/Tomcat-4.1.12 bundle. I use declarative protection of some of my JSPs. It all works fine.
After logging on I can use reqeust.getRemoteUser() to read the username of the logged in user. BUT ONLY when the shown page is a protected page. If the page is not protected request.getRemoteUser() just returns null, even though the user have logged in. Why is that? What can I do to be able to get hold of the username on non-protected pages? Searching the net (including this mailing list), I have only been able to find one suggestion to solve the problem: Save the username my self on session scope from a protected page. The problem with this solution is that it would force me to place "the username saving code" on all my protected pages, to be sure that the username is always saved. That is a pretty stupid solution. Using WebLogic 6.1 request.getRemoteUser() returns the username of the logged in user, regardless of the page beeing protected or not. Why is Tomcat not acting the same way? Kind Regards Per Steffensen
