WLS 12 JACC: FORM Login Doesn't Work If JACC Policy Provider Is Enabled

(Doc ID 1567630.1)

Last updated on DECEMBER 11, 2017

Applies to:

Oracle Weblogic Server - Version to [Release 12c]
Information in this document applies to any platform.


If the WLS JSR-115 Simple JACC Policy Provider is enabled, FORM login via httpServletRequest.authenticate(httpServletResponse) always returns true, although no user principal is established in the servlet request, that is calling httpServletRequest.getUserPrincipal() returns null.

  However, the method documentation of httpServletRequest.authenticate(response) that:

  true when non-null values were or have been established as the values
  returned by getUserPrincipal, getRemoteUser, and getAuthType. Return false
  if authentication is incomplete and the underlying login mechanism has
  committed, in the response, the message (e.g., challenge) and HTTP status
  code to be returned to the user.


Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms