Required libraries at time of writing
A sample project that demonstrates the above example is available here.
On Jboss, user principle is null with this filter, what am I doing wrong?
If Jboss is like Tomcat, it may be because Jboss, by default, is set up to reject external headers like REMOTE_USER and accept it's own authentication. We found that with tomcat, we had to set the AJP to turn off tomcat authentication in it's server.xml file:
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" tomcatAuthentication="false" />