Hi Manoj,
That is not what I meant.
Suppose I have the following code in a servlet and the user is already
authenticated
protected void doGet(HttpServletRequest req, HttpServletResponse resp) {
SecurityUtils.getSubject().isAuthenticated()
SecurityUtils.getSubject().isAuthenticated()
}
Is it possible that in the second call isAuthenticated() might return false?
I have been using the following pattern:
protected void doGet(HttpServletRequest req, HttpServletResponse resp) {
String login = SecurityUtils.getSubject().getPrincipal()
foo(login)
bar(login)
}
foo(String login) {
...
}
bar(String login) {
...
}
but I was wondering if it is safe to use the following:
protected void doGet(HttpServletRequest req, HttpServletResponse resp) {
foo()
bar()
}
foo() {
String login = SecurityUtils.getSubject().getPrincipal()
}
bar() {
String login = SecurityUtils.getSubject().getPrincipal()
}
On Wed, Jul 27, 2011 at 7:10 PM, Manoj Khangaonkar
<[email protected]> wrote:
> Hi Filepe,
>
> By default, isAuthenticated() will return false.
>
> After login, it should return true.
>
> After logout, it should return false.
>
> After Login or logout, the returned value will be different from before.
>
> Manoj
>
> On Wed, Jul 27, 2011 at 8:07 AM, Filipe Sousa <[email protected]> wrote:
>> Can I assume that calling SecurityUtils.getSubject().isAuthenticated()
>> multiple times in the same http request will always return the same
>> value?
>>
>> Thanks
>> --
>> Filipe Sousa
>>
>
>
>
> --
> http://khangaonkar.blogspot.com/
>
--
Filipe Sousa
