[jetty-users] Making authentication "sticky" (getRemoteUser() from "/pub

[jetty-users] Making authentication "sticky" (getRemoteUser() from "/public" after first visiting "/private")

From: Eirik Lygre <eirik.lygre@xxxxxxxxx>
Date: Tue, 23 Feb 2010 18:06:23 +0100
Delivered-to: jetty-users@xxxxxxxxxxx
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=l7jnT2qtO5+O/TrVhpZlp2Iugw2eAotXrAp87szRTVGgSoH8K5b6NvyUvqCld4Lix7 5uyJ9AjleJSG7S+cYrCfd+mIh4f/qKgzYdZvKhSSSAAMULW6hcQPk/yktXwh9DLyFhSp Q2VPH0ETxeUldF0CscZTKinxW3f+qQHZmI/OY=
List-archive: <https://dev.eclipse.org/mailman/private/jetty-users>
List-help: <mailto:jetty-users-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/jetty-users>, <mailto:jetty-users-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/listinfo/jetty-users>, <mailto:jetty-users-request@eclipse.org?subject=unsubscribe>

Hi,

What is the required setup to make authentication sticky?

The scenario is this:

- Any java servlet application

- /private is protected by a role; /public is not

Actual

- Visiting "/public", getRemoteUser() returns null

- Visiting "/private", getRemoteUser() returns the username

- Visiting "/public" again, getRemoteUser() returns null

Desired

- Visiting "/public", getRemoteUser() returns null

- Visiting "/private", getRemoteUser() returns the username

- Visiting "/public" again, getRemoteUser() returns the username

I imagine that this is a fairly common use case, so I'm thinking (hoping?) that there is some sort of support that I need to enable.

1) Is there an easy way out?

2) Is there a more complicated way out?

--
Eirik

There is no high like a tango high
There is no low like a tango low