I am having a fairly painful problem here dealing with authentication using the JDBCReam and container managed security. In particular I am using securityfilter, but I seriously doubt that this problem involves that application directly.
If I use the default SecurityRealm that comes with the security filter application, which just manual sets the userInRole and getRemoteUser information, I can reload the context over and over and never drop the user. When I use JDBCReam to handle users in a database and I reload the context after logging in all the active sessions loose their security principals and roles. The thing is, all the session data is still there, working as normal. I get no messages in the log files regarding a failure of any kind. In short: Why does a context reload kill the user principal information and how can I fix it? To duplication: Grab securityfilter from securityfilter.sourceforge.net Log in out of the box, reload the context and view the securePage.jsp again. No problem. Now, change the realm to JDBCRealm, login, reload the context and visit the securePage.jsp...aha, now it says you are not logged in and takes you to the login page. Dan -- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Daniel Allen, <[EMAIL PROTECTED]> http://www.mojavelinux.com/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "This is a test of the Emergency Broadcast System. If this had been an actual emergency, do you really think we'd stick around to tell you?" - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
