tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David kerber <>
Subject Re: Setting JK_REMOTE_USER help
Date Wed, 16 Jun 2010 15:12:00 GMT
On 6/16/2010 10:58 AM, Marc Boorshtein wrote:


> That being said, the sequence of events should be:
> 1.  Web server authenticates the user (works)
> 2.  Pass the context to Tomcat (works)
> 3.  Tomcat calls the realm to retrieve the user information and set
> the context (doesn't presently occur)
> #3 appears to be the issue.  Authenticaiton and Authorization should
> be separate steps entirely in order to satisfy the J2EE contract in an
> enterprise environment (which often involves WAMs).
> So it doesn't sound like there is a configuration way to handle this.
> I think I'll try hacking around to see if I can solve this with some
> kind of custom Realm.

Keep in mind that Tomcat is not a full j2ee server; it's a "servlet 
container", so may not meet some of the requirements you have for your 
app if they are part of higher-level j2ee specs.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message