Skip to main content

HttpServletRequest.isUserInRole() always returns false

Please note these java.net forums are being decommissioned and use the new and improved forums at https://community.oracle.com/community/java.
2 replies [Last post]
rpolozov
Offline
Joined: 2003-07-15

Hello,

I have problem with HttpServletRequest.isUserInRole() method on GlassFish v 3.1. It returns 'true' only once after deploying the application and then always returns 'false'. HttpServletRequest.getUserPrincipal() works fine.

I use LDAP realm with user groups defined. I have described roles in <security-role>, <security-constraint>/<auth-constraint>/<role-name> and <servlet>/<security-role-ref> elements in web.xml and also mapped them to user groups in <security-role-mapping> elements in sun-web.xml.

Best regards,
Roman Polozov

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
telman
Offline
Joined: 2007-11-10

I am observing the same on

asadmin version

Version = Sun GlassFish Enterprise Server v2.1.1

uname -a

Linux telman-laptop 2.6.32-32-generic-pae #62-Ubuntu SMP Wed Apr 20 22:10:33 UTC 2011 i686 GNU/Linux

nitkal
Offline
Joined: 2008-10-22

Hi,

The problem could be specific to your application. IsUserInRole works as expected for a sample app in both GF v2.1.1 and 3.1. Could you please check if the app clears the subject/principal after a successful login or if there is a cache issue?

Thanks

Nithya