WLS 12 JACC: FORM Login Doesn't Work If JACC Policy Provider Is Enabled
Last updated on DECEMBER 11, 2017
Applies to:Oracle Weblogic Server - Version 184.108.40.206 to 220.127.116.11 [Release 12c]
Information in this document applies to any platform.
If the WLS JSR-115 Simple JACC Policy Provider is enabled, FORM login via httpServletRequest.authenticate(httpServletResponse) always returns true, although no user principal is established in the servlet request, that is calling httpServletRequest.getUserPrincipal() returns null.
However, the method documentation of httpServletRequest.authenticate(response) that:
true when non-null values were or have been established as the values
returned by getUserPrincipal, getRemoteUser, and getAuthType. Return false
if authentication is incomplete and the underlying login mechanism has
committed, in the response, the message (e.g., challenge) and HTTP status
code to be returned to the user.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms