Sorry all - my bad.
Suggestion 3 in the WIKI (http://wiki.apache.org/tomcat/HowTo#head-
cb66e750a22dea34b56f508dd675ed3c2e2e221a) works perfectly as advertised.
For the archive, my problem was due to an old JAR lurking in server/
lib that I thought had gone, so my custom principal interface
Well, I'm not 100% sure about this as I've not proven all of it, but
what I believe is happening from the various Tomcat docs I've read is:
1) My custom realm's authenticate() method(s) are invoked and these
instantiate and return the custom principal objects (this bit is
proven). If I do
> From: Darren Clarke [mailto:[EMAIL PROTECTED]
> request.getUserPrincipal().getClass().toString() returns
> "poc.security.TestPrincipal"
>
> (request.getUserPrincipal() instanceof
> poc.security.I_TestPrincipal returns false
Ah. Are you loading everything through the sa
Hi Martin
Thanks for the speedy response.
Re there being no guarantee that the type I'm casting is of the
appropriate type, I was actually doing an instanceof test, that I
omitted to mention and which fails, i.e.
request.getUserPrincipal().getClass().toString() returns
"poc.security
Good Morning Darren-
You can always downcast but upcasting is always problematic
request.getUserPrincipal() returns the base class of java.security.Principal
you are trying to upcast to your own derived class which is always dangerous
since there is no
guarantee the object you are passing is of ty
