Forum Stats

  • 3,840,388 Users
  • 2,262,598 Discussions
  • 7,901,258 Comments

Discussions

How do I set the Principal information using a custom servlet authentication filter?

Bill S
Bill S Member Posts: 16 Blue Ribbon

I have a WebLogic custom servlet authentication filter and it gets called whenever I try to access a protected resource. Once I validate the user and roles (it is in a token), how do I put that information in the Principal object so other parts of the system will see it?

My filter implements AuthenticationProviderV2 and ServletAuthenticationFilter. The interface has a method "getIdentityAsserter" that I implemented, but that never gets called. I have the methods getLoginModuleConfiguration, getAssertionModuleConfiguration, and getPrincipalValidator all just return null right now.

Do I need to implement one of those methods or is there a way to create/set the Principal information from within the doFilter method inside my custom filter class?

Thanks!