I have a legacy webapp that currently authenticates users in a servlet. That is,

Question

0

Asked: June 18, 20262026-06-18T11:59:30+00:00 2026-06-18T11:59:30+00:00

I have a legacy webapp that currently authenticates users in a servlet. That is,

0

I have a legacy webapp that currently authenticates users in a servlet. That is, it calls LoginContext.login() from a servlet.

As part of my upgrades, I’d like to add new web pages that use declarative authentication through the web.xml file. And I want the old web pages to continue using the servlet authentication. Eventually, I’ll redo the old web pages to use the new authentication.

However, the new pages don’t inherit the authentication done from the servlet. They come up as unauthenticated, without a userPrincipal in the request.

With the existing servlet, I end up with a Subject. Is there any way I can call something so that OC4J will set the user principal from the Subject’s one principal?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-18T11:59:31+00:00

Editorial Team

2026-06-18T11:59:31+00:00Added an answer on June 18, 2026 at 11:59 am

Found it:

  // http://docs.oracle.com/html/E13977_01/authoriz.htm#BABHJJCJ
  // oc4jclient.jar, oc4j-unsupported-api.jar
  oracle.oc4j.security.Security.setSubject(subject, Longevity.SESSION);

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I have a legacy webapp that currently authenticates users in a servlet. That is,

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply