This week's book giveaway is in the NodeJS forum. We're giving away four copies of Serverless Applications with Node.js and have Slobodan Stojanovic & Aleksandar Simovic on-line! See this thread for details.
If there is no such security constraint, then the servlet container assumes that the app is not interested in authenticating in user credentials - it doesn't ask for them, and it doesn't report on them.
A null result from getRemoteUser or getUserPrincipal indicates that the remote user is not logged in.
A login will not occur unless the remote user attempts to access a URL designated as protected in web.xml or if server logic invokes the login() method (which was added somewhere around JEE 5 or 6). You cannot simply steer the user to a page designated as loginPage in web.xml - any direct attempt to access that page will not have had the proper login environment set up by the server before it was displayed, and the login code is part of the server, not the web application.
When it comes to destroying a civilization, gas chambers cannot hold a candle to echo chambers.
You've gotta fight it! Don't give in! Read this tiny ad:
global solutions you can do at home or in your backyard