tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Savoy, Melinda" <>
Subject RE: Still having problem retrieving user value from ISAPI Filter for authentication
Date Tue, 22 Jun 2010 13:23:54 GMT
Actually, what I finally got working was getting IIS to talk to Tomcat and therefore seeing
the request get to the ISAPI filter which after working with a MS IIS engineer 2 weeks ago
I was able to get up and running.  I have not to date been able to get the getRemoteUser()
to extract the user value info that ISAPI shows in its log.  That is the issue.  In the previous
posts this morning I showed what the getHeaderNames() provided but it has an encrypted NTLM
value. I thought I could get at the user value that ISAPI show by executing the getRemoteUser()
but I'm still getting a NULL value.

Pid suggested using a Base64Decoder but I thought the ISAPI filter would provide that for


-----Original Message-----
From: Rainer Jung [] 
Sent: Tuesday, June 22, 2010 8:16 AM
To: Tomcat Users List
Subject: Re: Still having problem retrieving user value from ISAPI Filter for authentication

On 22.06.2010 14:16, Savoy, Melinda wrote:
> Thanks Marc.  I actually have that setting in my server.xml file as well.
> Actually I did follow your post last week thinking that would help me but the ISAPI filter
is working properly as indicated in my log and IIS has authenticated the info otherwise, at
least it is my understanding and my experience for the last month in trying to get the ISAPI
config and IIS setup properly, that the request info in the isapi log would NOT be populated
at all.  But now that it is, it appears that I cannot get to the request info by using the
getRemoteUser() method which I understood from Ranier and Andre that I could use to get the
user value that I need to complete authentication in my code.
> It just seems that the ISAPI filter is NOT working properly.  Andre or Ranier, if you
guys are out there, your response would be appreciated.

I thought you already managed to have a situation, where getRemoteUser() 
returned something meaningful. So what's the difference to the situation 



To unsubscribe, e-mail:
For additional commands, e-mail:

The information contained in this message and any attachments is intended only for the use
of the individual or entity to which it is addressed, and may contain information that is
PRIVILEGED, CONFIDENTIAL, and exempt from disclosure under applicable law.  If you are not
the intended recipient, you are prohibited from copying, distributing, or using the information.
 Please contact the sender immediately by return e-mail and delete the original message from
your system.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message