tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lawlor, Frank" <Frank_Law...@AthensGroup.com>
Subject RE: getRemoteUser(), getAuthType() returning empty string instead of NULL?
Date Wed, 24 Apr 2002 19:16:25 GMT
The problem (in Tomcat) IS that getRemoteUser()
doesn't return null.  Tomcat does not support 
multiple logins.  If you look at the code you 
will see that it does a getRemoteUser() and
if not null and not authenticated by Tomcat, it
bails.

I tried it on 4.0.3, as someone suggested, and
it still fails with the same problem.

Frank Lawlor
Athens Group, Inc.
(512) 345-0600 x151
Athens Group, an employee-owned consulting firm integrating technology
strategy and software solutions.



> -----Original Message-----
> From: Jason MacLane [mailto:jmclane@mail.com]
> Sent: Wednesday, April 24, 2002 5:31 AM
> To: Tomcat Users List
> Subject: Re: getRemoteUser(), getAuthType() returning empty string
> instead of NULL?
> 
> 
> Did someone find a solution ? We are stuck on the same problem.
> 
> In fact, the problem is not really that the getRemoteUser() 
> returns an empty string instead of a null string : Normally, 
> when a user is already authenticated but is trying to access 
> to a ressource for which he is not in a valid role, the 
> server should open the login box a second time ; so even if 
> getRemoteUser() returns "" and that Tomcat considers it's the 
> user name, it should open the login box and not send a 403 error code.
> 
> In fact, when I test the same web application on Tomcat 3.3, 
> it works (I mean I can identify myself on the login box) but 
> with Tomcat 4 it directly rejects me...
> 
> 
> Every piece of info would help...
> Regards.
> 
> 
> > > >Scenario: 
> > > >(1) Browser -> http://TomcatHTTPServer:8080 (no authentication) 
> > > >
> > > >getRemoteUser() and getAuthType() return NULL, as expected 
> > > >
> > > >(2) Browser -> https://TomcatHTTPServer:8443 (no authentication) 
> > > >
> > > >getRemoteUser() and getAuthType() return NULL, as expected 
> > > >
> > > >(3) Browser -> https://IISServer:443(BASIC Auth) -> 
> ISAPI -> AJP13 
> > > >
> > > >getRemoteUser() returns authenticated user name, 
> > > >getAuthType() returns "Basic", as expected 
> > > >
> > > >(4) Browser -> http://IISServer:80(NO Auth) -> ISAPI -> AJP13

> > > >
> > > >getRemoteUser() and getAuthType() return "" (Empty String) 
> > > >This is NOT as expected, and causes Tomcat to reject the request 
> > > >because it thinks the request is already authenticated but 
> > > >doesn't match the requested page's realm. 
> > > >
> > > >Is this: 
> > > >
> > > >a) Working as specified? 
> > > >b) A bug in the ISAPI filter? 
> > > >c) A bug in Tomcat? 
> > > >d) Something else? 
> > > >
> > > >Thanks in advance. 
> > > >
> > > >-- 
> > > >James Garrison Athens Group, Inc. 
> > > >mailto: jhg@athensgroup.com 5608 Parkcrest Dr 
> > > >http://www.athensgroup.com Austin, TX 78731 
> > > >PGP: RSA=0x92E90A3B DH/DSS=0x498D331C (512) 345-0600 x150 
> > > >
> > > >
> > Ignacio J. Ortega wrote:
> > >De: James Garrison [mailto:jhg@athensgroup.com]
> > >Enviado el: martes 23 de abril de 2002 18:48
> > > 
> > > 
> > > Needed more information, which Tomcat version?, post the 
> connector or
> > > interceptor line for ajp13 prsent in your server.xml file..
> > > 
> > 
> > The Tomcat version is 4.0.2.  Here's the Connector definition:
> > 
> > 
> >      <Connector className="org.apache.ajp.tomcat4.Ajp13Connector"
> >                 port="8009" minProcessors="5" maxProcessors="75"
> >                 acceptCount="10" debug="0"
> > tomcatAuthentication="false"/>
> > 
> > 
> > The results are the same with tomcatAuthentication="true" and also
> > when the tomcatAuthentication parameter is omitted.
> > 
> > -- 
> > James Garrison                                Athens Group, Inc.
> > mailto:jhg@athensgroup.com                    5608 Parkcrest Dr
> > http://www.athensgroup.com                    Austin, TX 78731
> > PGP: RSA=0x92E90A3B DH/DSS=0x498D331C         (512) 345-0600 x150
> 
> -- 
> 
> _______________________________________________
> Sign-up for your own FREE Personalized E-mail at Mail.com
> http://www.mail.com/?sr=signup
> 
> 
> --
> To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
> Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>
> 
> 

--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


Mime
View raw message