user = appSecurity.authenticate(username, password, request.getSession(true));
}
else
{
ServletContext servletContext = FlexContext.getServletConfig().getServletContext();
WebApplication webApp = ((jrun.servlet.JRunServletContext)servletContext).getWebApplication();
HttpSession tempSession = webApp.getSessionService().createSession("temp");
user = appSecurity.authenticate(username, password, tempSession);
tempSession.invalidate();
}
return user.getPrincipal();
}