tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Savoy, Melinda" <>
Subject RE: Still having problem retrieving user value from ISAPI Filter for authentication
Date Tue, 22 Jun 2010 12:36:50 GMT
Thanks Pid, I did do that as well, but I did not see the user value there either.  

Here is what I got when I did issue the getHeaderNames() and as you can see the authorization
shows the encrypted NTLM value but it is not decrypted and I cannot get to the info though
the ISAPI log shows the decrypted value which I cannot get to:

=== MimeHeaders ===
accept = */*
accept-language = en-us
connection = Keep-Alive
host = localhost
user-agent = Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322;
.NET CLR 2.0.50727; .NET CLR 3.0.04506.648; InfoPath.2; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729;
cookie = JSESSIONID=969AE176A965514B845A6E3A9E83A21E
accept-encoding = gzip, deflate
content-length = 0

I don't know what I'm doing wrong here.  Again, any help is appreciated.


-----Original Message-----
From: Pid [] 
Sent: Tuesday, June 22, 2010 7:11 AM
To: Tomcat Users List
Subject: Re: Still having problem retrieving user value from ISAPI Filter for authentication

On 22/06/2010 13:05, Marc Boorshtein wrote:
> I haven't tried this with IIS, but we had quite the discussion on this 
> last week with Apache & tomcat with JK.  In your server.xml file add 
> tomcatAuthentication="false" to the AJP connector object.  If you look 
> in the archives of this list for JK_REMOTE_USER there is a very 
> interesting discussion on the topic.

Also, you could iterate through the headers in request.getHeaderNames() to see what's being
passed across to Tomcat.


> Marc
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

The information contained in this message and any attachments is intended only for the use
of the individual or entity to which it is addressed, and may contain information that is
PRIVILEGED, CONFIDENTIAL, and exempt from disclosure under applicable law.  If you are not
the intended recipient, you are prohibited from copying, distributing, or using the information.
 Please contact the sender immediately by return e-mail and delete the original message from
your system.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message