tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Thomas Nybro Bolding" <>
Subject Vedr.: IIS + Tomcat 5.0 + NT authentication AUTH_USER
Date Fri, 09 Jan 2004 08:37:04 GMT
Simply put 
somewhere in your file.


Jason Wilson <>
08-01-04 18:54
Besvar venligst til "Tomcat Users List"

        Vedr.:  IIS + Tomcat 5.0 + NT authentication AUTH_USER

I'm using 
  Tomcat 5.0.16
  IIS 5.0

Currently my application is running under IIS +
ColdFusion(Jrun), but will be migrating to a
IIS/Tomcat server.  Since this is an intranet
application on an NT network, where it is a
requirement to have the users not have to implicitly
logon, I am using NT authentication with IIS.  In
other words, for the virtual directory, I have set the
Anonomous access off, and Integrated Windows
Authenticated on. 

In the IIS + ColdFusion setup, my servlet does a 
request.getHeader("AUTH_USER"); and this returns the
domain/userid of the person logged into the client
machine.  Then I can verify the user is allowed to use
the application.  All is well.

However, in the IIS + Tomcat setup,
getHeader("AUTH_USER") is returning null.  I have
tried other header keys and get null also.

Also, I am sure IIS is authenticating the user, since
I cannot get to the application using a browser that
doesn't support the windows authentication.

So, it appears, for some reason, the connector is not
setting the AUTH_USER header when it transfers to the
Tomcat container.

Does anyone know how I can fix this so it does, or if
there is anything I might be doing wrong.

Thanks in advance,

Do you Yahoo!?
Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes

To unsubscribe, e-mail:
For additional commands, e-mail:

<FONT SIZE=1 FACE="Arial">_______________
Vi gør opmærksom på, at denne e-mail kan indeholde fortrolig information. Hvis du ved en
fejltagelse modtager e-mailen, beder vi dig venligst informere afsender om fejlen ved at bruge
svar-funktionen. Samtidig beder vi dig slette e-mailen i dit system uden at videresende eller
kopiere den.
Selv om e-mailen og ethvert vedhæftet bilag efter vores overbevisning er fri for virus og
andre fejl, som kan påvirke computeren eller it-systemet, hvori den modtages og læses, åbnes
den på modtagerens eget ansvar. Vi påtager os ikke noget ansvar for tab og skade, som er
opstået i forbindelse med at modtage og bruge e-mailen.
Please note that this message may contain confidential information. If you have received this
message by mistake, please inform the sender of the mistake by sending a reply, then delete
the message from your system without making, distributing or retaining any copies of it.
Although we believe that the message and any attachments are free from viruses and other errors
that might affect the computer or IT system where it is received and read, the recipient opens
the message at his or her own risk. We assume no responsibility for any loss or damage arising
from the receipt or use of this message.

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message