2 Replies Latest reply: Jun 1, 2012 10:38 AM by Rafael Neves RSS

SPNEGO, HttpServletRequets.getRemoteUser() vs. EJBContext.getCallerPrincipal().getName() inconsistency

martin mucha Newbie

Hi,

 

I have to ask this question. I've spend many hours browsing sources and do not know the answer.

 

Suppose I've got here setup FORM based authentication. Then getRemoteUser() on HttpServletRequest instance returns name of logged-in user (when there is logged in user). And the same user name will returned when called getCallerPrincipal().getName() on EJBContext instance. That's fine.

 

I've got here SPNEGO configured. It works fine. BUT while I'm still able to get user name from getRemoteUser()  from servlet, I'm not able to do so with EJBContext - getCallerPrincipal().getName() returns some hash or something. I really need to get users login name. How can one do that from EJBContext? Where does this hash/something comes from and why?

 

If I try to debug it and look into security context I see subject correct principals, correct caller principal, correct roles, some identity (also something hash-like, but that's different value from the one from EJBContext.getCallerPrincipal())

 

thanks in advance.

ask if you need any more information, I'll try to provide them asap.