httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Devin Bougie <>
Subject Re: [users@httpd] accessing REMOTE_USER through an Apache proxy
Date Fri, 30 Oct 2009 17:01:45 GMT
On Oct 30, 2009, at 12:49 PM, André Warnier wrote:
> Glad to have been of help.
> One more nitpick however, below, lest you remain partly confused.

Yes, indeed.  I was confused by the "Same as the value of the CGI  
variable REMOTE_USER." statement in the  
HttpServletRequest.getRemoteUser javadoc, but you have again helped  
explain that.

Thanks again,

> Devin Bougie wrote:
> ...
> With the latest posted configuration,
>> I am able to see the REMOTE_USER HTTP header from the backend  
>> GlassFish Web Application (using HttpServletRequest.getHeader 
>> ("REMOTE_USER")).
> OK, and correct.
>  As
>> you explain, HttpServletRequest.getRemoteUser and getUserPrincipal  
>> both return null because they are looking for the REMOTE_USER cgi- 
>> bin environment variable.
> No, they are not.
> A cgi-bin environment variable is only set by a webserver when  
> running a cgi-bin program.
> A servlet is not a cgi-bin program, and the servlet container which  
> runs it, does not set any "environment variables" for the servlet.
> If HttpServletRequest.getRemoteUser and  
> HttpServletRequest.getUserPrincipal return null, it is because they  
> both look into the UserPrincipal object, which is probably not set,  
> because you have not done any authentication (yet) in your servlet  
> container.
> You have just read a HTTP header, and gotten back a String as a  
> result.  That does not, for the servlet container, constitute reason  
> enough to take that String, consider it as a bona fide user-id, and  
> set it into the UserPrincipal object so that  
> HttpServletRequest.getRemoteUser would nicely return it. Hence the  
> nulls.
> So it looks like you still have some work to do.
> But that is now a question which belongs to the GlassFish forum.
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server  
> Project.
> See <URL:> for more info.
> To unsubscribe, e-mail:
>  "   from the digest:
> For additional commands, e-mail:

View raw message