Details
-
Bug
-
Resolution: Obsolete
-
Major
-
None
-
PLINK_2.7.0.Final
-
None
Description
If PicketLink HTTP security is configured, and Servlet API programmatic login is used, the Principal object is not updated (like it would be if using standard JavaEE security). By "Principal object" I mean both request.getUserPrincipal() and @Default Principal CDI bean.
This might break applications being ported to PL HTTP security that rely on the combination of programmatic login and Principal object.