Forum Stats

  • 3,837,108 Users
  • 2,262,226 Discussions


isUserInRole always false

ILya Cyclone
ILya Cyclone Member Posts: 888 Bronze Badge


According to this document

Using Programmatic Security with Web Applications - The Java EE 6 Tutorial

I'm doing a simple programatic login servlet on WebLogic 12.1.3.

HttpServletRequest.login method works, but when I try to check user roles using HttpServletRequest.isUserInRole I always get false.

Servlet class:

public class Servlet1 extends HttpServlet {     public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {          request.login(LOGIN, PASSWORD);          System.out.println("In role AUTHENTICATED_USERS: "+request.isUserInRole("AUTHENTICATED_USERS"));          System.out.println("In role personal_office: "+request.isUserInRole("personal_office"));          System.out.println("In role personal_office_app: "+request.isUserInRole("personal_office_app"));     }}

All isUserInRole return false.


<?xml version = '1.0' encoding = 'UTF-8'?><web-app xmlns="" xmlns:xsi=""         xsi:schemaLocation=""         version="3.0">  <servlet>    <servlet-name>Servlet1</servlet-name>    <servlet-class>testproglog.Servlet1</servlet-class>    <security-role-ref>      <role-name>personal_office_app</role-name>      <role-link>personal_office</role-link>    </security-role-ref>  </servlet>  <servlet-mapping>    <servlet-name>Servlet1</servlet-name>    <url-pattern>servlet1</url-pattern>  </servlet-mapping>    <security-role>    <role-name>personal_office</role-name>  </security-role></web-app>

To verify that I'm not mistyping role name or something I found a method that lets me list user roles on weblogic:


And it shows me that I do have AUTHENTICATED_USERS and personal_office roles after login.

Why HttpServletRequest.isUserInRole is always false?

Also I tried the same code on tomcat and it isUserInRole works correctly there. What's wrong on WebLogic?

JDeveloper / WebLogic 12.1.3

java version "1.7.0_51"

Java(TM) SE Runtime Environment (build 1.7.0_51-b13)

Java HotSpot(TM) 64-Bit Server VM (build 24.51-b03, mixed mode)


This discussion has been closed.