tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Wayne Hefner" <whef...@objectmania.com>
Subject RemoteUser is null
Date Thu, 18 Oct 2001 13:04:39 GMT
I am trying to set up authentication for my web app using tomcat.  I am
using just basic authentication and the application seems to authenticate me
and allows the user in.  However, when I issue a request.getRemoteUser() the
value returned is null.

The following is what I have placed in the web.xml file for the web app:

   <security-constraint>
      <web-resource-collection>
         <web-resource-name>DIS Protected Area</web-resource-name>
	 <!-- Define the context-relative URL(s) to be protected -->
         <url-pattern>/jsp/security/protected/*</url-pattern>
         <url-pattern>/DIS/*</url-pattern>
	 <!-- If you list http methods, only those methods are protected -->
	 <http-method>DELETE</http-method>
         <http-method>GET</http-method>
         <http-method>POST</http-method>
	 <http-method>PUT</http-method>
      </web-resource-collection>
      <auth-constraint>
         <!-- Anyone with one of the listed roles may access this area -->
         <role-name>dis</role-name>
	 <role-name>disrole</role-name>
      </auth-constraint>
    </security-constraint>

    <!-- Default login configuration uses BASIC authentication -->
    <login-config>
      <auth-method>BASIC</auth-method>
      <realm-name>DIS Basic Authentication Area</realm-name>
    </login-config>
  </security-constraint>

If anyone could let me know how I can force Tomcat to set RemoteUser I would
appreciate it.

thanks,

wayne



Mime
View raw message