Of course... duuuuuuuuhhhh. duhduhduh. I see the principal member variable and set/getPrincipal() in StandardSession.
So really, Principal is stored in the Session object as a member variable. But what about that setNote(Globals.SOMETHING_SUBJECT, principal) that I see in the auth classes... -yong On Feb 23, 2007, at 4:47 PM, Yong Bakos wrote: Hi, Thanks to all you Tomcat participants for such a supportive community. I've questions for tomcat source code lovers. During forms authentication, does the FormAuthenticator store a Principal in the Session via setNote()? If so, does the notes map serve as a "dude, totally private" Map to hold relevant objects that are separate from session attributes? Just seeking enlightenment. Cheers, Yong PS. Sure wish the StandardSessionFacade exposed the setUserPrincipal method... with the intent of programmatic logging-in of the user when using FORM-auth. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
