On 17/01/2019 12:46, Tim K wrote: > When I dump the session object of an authenticated (JNDIRealm) user on my > local dev environment versus my development server, for some reason > the javax.security.auth.subject shows up on the dev server but not my > local. I also spun up a docker container with pretty much default tomcat > config and javax.security.auth.subject doesn't show up in the session > object there either. My code is exactly the same in all envs, is there > something within tomcat configuration which would determine if > javax.security.auth.subject is added to the session object? I can't figure > out the difference why it's on one instance but not the other.
At a guess, the development server is running under a SecurityManager whereas the other environments are not. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
