0

${execution.remoteUser} yields null when logged in via Spring Security

asked 2008-12-06 17:45:37 +0800

cvarona gravatar image cvarona
554 1 6

Hi,

I've discovered that if I use Spring security to perform authentication both ${execution.remoteUser} and Executions.getCurrent().getRemoteUser() yield 'null'. It looks like by bypassing the servlet container authentication mechanism the user information is missing in every request, for Executions.getCurrent().getNativeRequest().getRemoteUser() yields null as well, even if there's a valid http session active (which of course does not imply the 'user' has succeeded in any authentication process).

Being zk's Execution instances wrappers on the target container's requests and responses, isn't there any way to set up an username when authenticatin via Spring?

With kind regards

César Varona

delete flag offensive retag edit

4 Replies

Sort by » oldest newest

answered 2008-12-08 07:05:41 +0800

iantsai gravatar image iantsai
2755 1

It seems like JEE Web Container doesn't copy this information in HttpServletRequest.
can you provide more detailed message and which container you use?

you can do a simple test to see if a simple jsp page in your project can get the RemoteUser from EL.


As our experiences, WebLogic will cause this kind of problem if ZK Event Thread is activated.
You can turn off it by using the setting below in zk.xml:

<system-config>
    <disable-event-thread/>    
</system-config>

For more detailed info, please take a look at this article:Use the Servlet Thread to Process Events

link publish delete flag offensive edit

answered 2008-12-10 13:51:46 +0800

cvarona gravatar image cvarona
554 1 6

I'm using the maven 6.1.11 jetty plugin; curiously enough, after upgrading to zk 3.5.2 Execution.getRemoteUser() works fine with login via spring, so I guess it cannot be considered an issue any longer.

With kind regards

César Varona

link publish delete flag offensive edit

answered 2011-03-03 12:23:12 +0800

satyanadiminti gravatar image satyanadiminti
69 1

I am facing the exact same issue as cvarona. I have a ZK 5.0.0 application running on Weblogic 11. Weblogic came along with Oracle Business Intelligence (OBI) 11g install.
Also, I have implemented Oracle Single sign-on. The ZK pages run inside the OBI dashboards.
Both Executions.getCurrent().getNativeRequest().getRemoteUser() and Executions.getCurrent().getNativeRequest().getRemoteUser() return null.
The WEB-INF/zk.xml has the below tag:

<system-config>
<disable-event-thread/>
</system-config>

Please suggest what else can be tried to come round this problem. thanks in advance!

link publish delete flag offensive edit

answered 2011-03-11 04:42:26 +0800

henrichen gravatar image henrichen
3869 2
ZK Team

As Ian has suggested. Can you write a simple JSP (NO ZK) page to check if getRemoteUser() works in your environment. What ZK Execution does is nothing more than just an encapsulation of the native HttpRequest.

link publish delete flag offensive edit
Your reply
Please start posting your answer anonymously - your answer will be saved within the current session and published after you log in or create a new account. Please try to give a substantial answer, for discussions, please use comments and please do remember to vote (after you log in)!

[hide preview]

Question tools

Follow

RSS

Stats

Asked: 2008-12-06 17:45:37 +0800

Seen: 621 times

Last updated: Mar 11 '11

Related questions

Using controller

Error: Replicated language: xul/html

php

Window Overlapped

Echo/Casabac [closed]

OnClick on label

Problem with Checkbox [closed]

Look of a control [closed]

Documentation?

Combo Box

About Us | Faq | Help | Privacy Policy | Contact Us
Copyright Potix Corporation 2015.
Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
Support Options
  • Email Support
  • Training
  • Consulting
  • Outsourcing
Learn More