Skip to Main Content

How do I set the Principal information using a custom servlet authentication filter?

Bill SJan 3 2022

I have a WebLogic custom servlet authentication filter and it gets called whenever I try to access a protected resource. Once I validate the user and roles (it is in a token), how do I put that information in the Principal object so other parts of the system will see it?
My filter implements AuthenticationProviderV2 and ServletAuthenticationFilter. The interface has a method "getIdentityAsserter" that I implemented, but that never gets called. I have the methods getLoginModuleConfiguration, getAssertionModuleConfiguration, and getPrincipalValidator all just return null right now.
Do I need to implement one of those methods or is there a way to create/set the Principal information from within the doFilter method inside my custom filter class?

Post Details
Added on Jan 3 2022