我为 Jersey 创建了一个 LoggingFilter,并在 web.xml 中正确配置了它。一切正常。当我执行“GET”时,我得到了 userPrincipal (request.getUserPrincipal()),但对于 POST,它返回 null。我已经在 Websphere 上用 java 1.4 编写了几个 REST 服务,并且总是可以访问 userPrincipal,但是在 Tomcat/1.6 上我得到了上述内容。我正在使用基本身份验证。泽西岛是这样做的吗?还是雄猫?
<security-constraint>
<web-resource-collection>
<web-resource-name>Lookup Resources</web-resource-name>
<description>A set of secured resources.</description>
<url-pattern>/rest/lookup/*</url-pattern>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>DataServ_Lookup</role-name>
<role-name>DataServ_Admin</role-name>
</auth-constraint>
<!-- Comment this out for Dev. It is a MUST for Prod...
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>-->
</security-constraint>