tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Boorshtein <>
Subject Re: Setting JK_REMOTE_USER help
Date Wed, 16 Jun 2010 14:07:15 GMT
> You should not need to do that, it should be automatic.
> Just make sure that in the Tomcat <Connector> for AJP (in server.xml), you
> set the attribute
> tomcatAuthentication="false"
> If the request is authenticated by Apache, mod_jk will (always) pass it
> internally to Tomcat, along with the request.  If the above attribute is
> set, then Tomcat will also "believe" this user-id, and not try itself to
> authenticate the user.

OK, so the good news is that setting tomcatAuthentication="false" did
get tomcat to not prompt me for authentication.  The bad news is that
it looks like that this doesn't actually set the user's context
because I am receiving unauthorized messages from the application
which relies on container security.  I have an LDAP realm setup, is
there a configuration to bridge this gap?  If not I THINK I can write
a "wrapper" realm that will take the user id attribute and "fake" it.
Any thoughts?

As for the versions, thanks for the reminder:
Tomcat 6.0.26
Apache 2.2.15
mod_jk 1.2
CentOS 5.5


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message