tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pid <...@pidster.com>
Subject Re: Still having problem retrieving user value from ISAPI Filter for authentication
Date Wed, 23 Jun 2010 11:52:01 GMT
On 23/06/2010 10:45, Rainer Jung wrote:
> On 23.06.2010 09:51, Pid wrote:
>> On 23 Jun 2010, at 02:40, Rainer Jung<rainer.jung@kippdata.de>  wrote:
>>
>>> On 22.06.2010 21:59, Marc Boorshtein wrote:
>>>>>
>>>>> Unless you are going to authenticate via one of Tomcat's
>>>>> authentication methods; BASIC, FORM, etc, then getRemoteUser() is
>>>>> going to return null.
>>>>>
>>>>> You'll need to add a security constraint, login-config and
>>>>> security-role to your web.xml to test getRemoteUser(); in just Tomcat.
>>>>>
>>>>
>>>> This shouldn't be the case since she put tomcatAuthentication="false"
>>>> tomcat should be taking the username from the JK_REMOTE_USER
>>>> attribute.
>>>>
>>>> Have you tried a wireshark packet capture?
>>>
>>> The log file of the ISAPI redirector she presented already contains a
>>> dump of the AJP packet the redirector is going to send out. The dump
>>> shows the correct user string contained in the packet.
>>>
>>> I've got no idea what's wrong here.
>>
>> Would you expect the user value normally to be set as another
>> (REMOTE_USER type) header by ISAPI?
> 
> No, it gets send as an AJP specific request attribute that the AJP
> connectors know about. It's not an HTTP header.

OK, and I'm guessing that if there was a way to get the AJP connector to
dump those attributes you'd have said so by now.


p

> Regards,
> 
> Rainer
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 



Mime
View raw message