tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Howard Watson" <howa...@esgw.org>
Subject Re: getRemoteUser null
Date Thu, 08 Jan 2004 20:52:46 GMT
Still stumped. Just a little more info on this issue. Still suspect a
configuration error, but haven't found it yet:

Apache log
==========

Access secure page as DirectoryIndex default
********************************************
ipAddr - - [08/Jan/2004:12:17:01 -0700] "GET /Secure/ HTTP/1.1" 401
502
ipAddr - cn=HowardW,ou=orgUnit,ou=orgUnit,o=org [08/Jan/2004:12:17:12
-0700] "GET /Secure/ HTTP/1.1" 200 3950
ipAddr - - [08/Jan/2004:12:17:14 -0700] "GET /Secure/css/Corp.css
HTTP/1.1" 401 502
ipAddr - cn=HowardW,ou=orgUnit,ou=orgUnit,o=org [08/Jan/2004:12:17:14
-0700] "GET /Secure/css/Corp.css HTTP/1.1" 200 244
ipAddr - - [08/Jan/2004:12:17:14 -0700] "GET /Img/GWLogos.gif HTTP/1.1"
401 502
ipAddr - cn=HowardW,ou=orgUnit,ou=orgUnit,o=org [08/Jan/2004:12:17:14
-0700] "GET /Img/GWLogos.gif HTTP/1.1" 200 5391

Access secure page with JSP name in URL, note 
that only the files from the folders below it 
return 401, which I suspect is why I am still
prompted to authenticate
********************************************
ipAddr - - [08/Jan/2004:12:17:27 -0700] "GET /Secure/SecurePage.jsp
HTTP/1.1" 200 3672
ipAddr - - [08/Jan/2004:12:17:27 -0700] "GET /Secure/css/Corp.css
HTTP/1.1" 401 502
ipAddr - cn=HowardW,ou=orgUnit,ou=orgUnit,o=org [08/Jan/2004:12:17:27
-0700] "GET /Secure/css/Corp.css HTTP/1.1" 304 -
ipAddr - - [08/Jan/2004:12:17:27 -0700] "GET /esgwImg/GWLogos.gif
HTTP/1.1" 401 502
ipAddr - cn=HowardW,ou=orgUnit,ou=orgUnit,o=org [08/Jan/2004:12:17:27
-0700] "GET /Img/GWLogos.gif HTTP/1.1" 304 -

>From apache conf
================
<VirtualHost ipAddr:port>
  ServerName DNSname
## shouldn't need DocumentRoot since using alias, but just in case
  DocumentRoot "SYS:/intranet/webapps/secure"
  ErrorLog SYS:/intranet/logs/errors.txt
  CustomLog SYS:/intranet/logs/access.txt common

## From this point on access requires encrypted authentication
  Alias /Secure "SYS:/intranet/webapps/secure"
  <Directory SYS:/intranet/webapps/secure>
    Options FollowSymLinks MultiViews
    DirectoryIndex SecurePage.jsp  ## added to make make
getRemoteUser() work
    Order deny,allow
    Allow from all
    AuthType Basic
    AuthName "ES-GW N.R.M. Corporate Intranet"
    AuthLDAPURL ldap://ServerName:389/O=DEV?uid
    AuthLDAPRemoteUserIsDN On
    require valid-user
  </Directory>
</VirtualHost>



>>> hoju@visi.com 01/05/04 04:22PM >>>

You have to tell Tomcat whether to get BASIC Auth remote user
information from 
the connector (Apache) or from Tomcat itself.  See the following for
details...

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=12196 

Jake

Quoting Howard Watson <howardw@esgw.org>:

> Additional Info:
> 
> Enumerate HeaderNames
> ===============
> host : myServer:port
> user-agent : Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.5)
> Gecko/20031007 Firebird/0.7
> accept :
> 
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
video/x-mng,image/png,image/jpeg,image/gif;q=0.2,*/*;q=0.1
> accept-language : en-us,en;q=0.5
> accept-encoding : gzip,deflate
> accept-charset : ISO-8859-1,utf-8;q=0.7,*;q=0.7
> keep-alive : 300
> connection : keep-alive
> cookie : JSESSIONID=8E46392BD10C29E8DCF62E608D81DF5F
> authorization : Basic aG93YXJkdzphdXRoZW50aWNhdGVtZQ==
> cache-control : max-age=0
> content-length : 0
> =============
> End Request Headers
> 
> request.getAuthType() returns null
> request.getRemoteUser() returns null
> 
> End Additional Info
> 
> >>> howardw@esgw.org 12/31/03 12:03PM >>>
> Original message reformatted to match message posted at ApacheUser.
> 
> Porting web application from Apache1.3/Tomcat3.3.
> Before stumbling on this partial fix all my JSPs and servlets
returned
> getRemoteUser null. This fix works for JSPs but doesn't help much
for
> servlets.
> 
> Apache2.0.48
> Tomcat4.1.29
> mod_jk1.2.5
> jvm1.4.1_02a
> 
> Does anyone have any idea why a JSP referenced by name in a url would
return
> getRemoteUser = null and the same JSP referenced through
DirectoryIndex in
> Apache2 would return getRemoteUser = expected user name.
> 
> Example:
> http://serverAddr/DisplayUser.jsp returns null
> 
> In Apache conf
> DirectoryIndex DisplayUser.jsp
> 
> http://serverAddr/ returns DisplayUser.jsp with user name
> 
> 
>
---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org 
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

> 
> 
> 
>
---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org 
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org 
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org 


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message