I have a WebLogic custom servlet authentication filter and it gets called whenever I try to access a protected resource. Once I validate the user and roles (it is in a token), how do I put that information in the Principal object so other parts of the system will see it?
My filter implements AuthenticationProviderV2 and ServletAuthenticationFilter. The interface has a method "getIdentityAsserter" that I implemented, but that never gets called. I have the methods getLoginModuleConfiguration, getAssertionModuleConfiguration, and getPrincipalValidator all just return null right now.
Do I need to implement one of those methods or is there a way to create/set the Principal information from within the doFilter method inside my custom filter class?