/** * Returns a <code>java.security.Principal</code> object containing the name * of the current authenticated user. If the user has not been * authenticated, the method returns null. * * @return a <code>java.security.Principal</code> containing the name of the * user making this request; null if the user has not been * authenticated * @see SecurityContext#getUserPrincipal() */ public Principal getUserPrincipal() { Principal foundPrincipal = (request.getChallengeResponse() == null) ? null : request.getChallengeResponse().getPrincipal(); if (foundPrincipal != null) return foundPrincipal; return SecurityUtil.getSslClientCertPrincipal(this.request); }