Still get old user principal even after login changed

Jun 26, 2012 at 5:16 AM

Dear all,

I used NegotiateSecurityFilter with WebSphere AS 6.1 (Win64 platform) to perform Single Sign-On with Active Directory 2003R2.

Here is what I configured in web.xml:

<filter>
    <filter-name>SecurityFilter</filter-name>
    <filter-class>
        waffle.servlet.NegotiateSecurityFilter
    </filter-class>
    <init-param>
        <param-name>principalFormat</param-name>
        <param-value>fqn</param-value>
    </init-param>
    <init-param>
        <param-name>roleFormat</param-name>
        <param-value>both</param-value>
    </init-param>
    <init-param>
        <param-name>allowGuestLogin</param-name>
        <param-value>true</param-value>
    </init-param>
    <init-param>
        <param-name>securityFilterProviders</param-name>
        <param-value>
            waffle.servlet.spi.NegotiateSecurityFilterProvider
        </param-value>
    </init-param>
</filter>

When a user hits the URL, the NegotiateSecurityFilter intercepts the request; after that I can use request.getUserPrincipal().getName() to get the "login name", which will be used to get the further profile from the backends. So far everything went smoothly.

The problem happens when a user's login changes in AD; I also change the login in the backends to match. But most of the time request.getUserPrincipal().getName() still returns the "old login", which cannot be found in the backends. I tried deleting the user profile on the machine, changing filter parameters, and restarting the server/client, but nothing helped.

Please kindly advise.

Regards,

Satit A.

Coordinator
Jun 26, 2012 at 10:58 AM

Please post questions to the Google group. This discussion list is closed.