tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David kerber <>
Subject Re: Passing user id from web page to tomcat webapp
Date Thu, 14 Jul 2011 14:35:34 GMT
On 7/14/2011 10:20 AM, Pid wrote:
> On 14/07/2011 15:04, David kerber wrote:
>> On 7/14/2011 9:50 AM, André Warnier wrote:
>>> David kerber wrote:
>>>> I have a situation where my users will be logging into their pages on
>>>> an IIS 5 web server, which authenticates them with their user ID and
>>>> password as configured in IIS. This works fine.
>>>> Now I need to add some new functionality to the web site that will be
>>>> using my tomcat webapp, and I don't want them to have to authenticate
>>>> again in my app, so I'm trying to figure out how to pass the user ID
>>>> from the web page on IIS, to my webapp. I thought
>>>> request.getRemoteUser() would do it, but that's returning null, rather
>>>> than the loggged-in user ID.
>>> You need to specify what you use to forward requests from IIS to Tomcat.
>>> If you are using Isapi_Redirect, then set the attribute
>>> "tomcatAuthentication" to false in the Tomcat AJP<Connector>  (in
>>> server.xml).
>> I'm not "forwarding" at all.  The call to tomcat from the IIS page is
>> just the "action" parameter of the form.  The only connector is the
>> standard http 1.1 connector.
> If their username&  password really is configured in IIS, were you
> hoping that Tomcat would magically interface with that?   :s

No, I was just hoping that some request header or parameter with the 
user name would be carried over when the call was made to the servlet, 
but it's not doing so.  I don't need to fully authenticate them again, 
but do need their user ID.

Any other suggestions, or am I going to have to go a different route?

> Tomcat 7 has SPNEGO support, which might enable cross-server SSO, but
> I'm speculating there.

I'll see if that might help; I've never heard of it.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message