Hello, I am using HttpServletRequest.login to authenticate users on an ajax call. This is working fine and the relevant realm is queried. However, on subsequent requests, I have quite often the remote user being null despite having the correct JSESSION cookie set from the login call.
This is not happening always, but it is quite frequent. Interestingly, if a set an attribute in the session, that session and attributes are preserved in the subsequent requests. Is there anything else that I should do to preserve authentication information? It is very strange that this process is working intermittently. As a workaround I am wrapping the request and overrides the getRemoteUser/getUserPrinciper/isUserInRole to get this information from the information I am storing in the session, but I would prefer to have this working without this workaround (for example the AccessLogValve does not report the user correctly when using that workaround). Cheers Nicolas
