I don't know if you noticed, but I didn't ask about STAF securityYou asked "is there a way to preserve the STAFHandle for the use of the rest of the application?" If that isn't a STAF question I don't know what is.
have 25+ years of experienceWell done. Some of us have much more.
You asked "is there a way to preserve the STAFHandle for the use of the rest of the application?" If that isn't a STAF question I don't know what is.STAFHandle is an object that you get back from the STAF API; what exactly it is, is not relevant, as per the object idiom. And this is not s STAF question - it is a question about whether there is a way to preserve this object, that you have acquired somewhere in the Java EE authentication code, so that it can be seen and used elsewhere in other parts of the application. The answer to this may or may not be blindingly obvious to someone with long experience in Java EE development, but when you are new to it, the best way to learn is by doing and asking, in the hope that there are people around who are kind and patient enough. Fortunately, as it turns out, there were.
Well done. Some of us have much more.Yeah, "you were there when they built Stonehenge" :-)