> Can someone let me know if this is a bug or the expected behavior?
> When I use HttpServletRequest#login() to pass in user credentials,
> the login works fine and a user principal is created. Within that
> same request, I am now authenticated and can access resources that
> my role(s) allows.
Ah. Sorry -- was searching under 'webcontainer' and found the issue in
'security' right after I sent the email. D'oh.
https://glassfish.dev.java.net/issues/show_bug.cgi?id=11340
Will try it out with a 3.0.1 build. I've written up an example of this
for a blog, so I'll verify and will have to include the GF build info
before sharing.
Cheers,
Bobby