tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jacob Kjome <h...@visi.com>
Subject Re: Determining remote user and inrole for unprotected pages
Date Mon, 13 Oct 2003 16:42:40 GMT

Are you using mod_jk and Apache to front server requests?

If so, Apache has the getRemoteUser information and you need to configure 
Tomcat to tell it where to pull this from.  If you are using a recent 
version of Tomcat, put the following jk2.properties....

request.tomcatAuthentication=false

Jake

At 12:28 PM 10/13/2003 -0400, you wrote:
>I have recently noticed that when you have a site with both protected and
>unprotected pages that getRemoteUser returns null on the unprotected pages
>eventhough I have authenticated against a protected page.  isUserInRole also
>does not work.
>
>Is there a way I can determine who is logged in when I access an unprotected
>url?
>
>To answer my own Q, I supose I could create an object and store it in the
>session then access later, but is there another way?
>
>
>Ultimately I would like to present a dynamic menu in which administrators
>see a different menu than regular joe users.  The menu is part of every page
>in this case.  I would simple like to hide "admin only" sections so regular
>users don't see them.
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message