Hi,
I recently posted under the thread "Apache authentication information
(remoteuser) not visible in Tomcat" and I am grateful to all that
responded with useful comments.
I learned the following about how Tomcat treats authentication
information received from Apache via AJP headers (mod_jk)
fine.
As soon as I flip it back on (by adding
CONFIDENTIAL),
I get null as before.
I need to have tomcat working over SSL with the client. Is there I way I
can get it to trust the information its obtained from the apache
web-server via AJP?
Thanks,
Omar
Rainer Jung wrote:
Hi Omar,
Omar N
xml.original if you want. The commented parts are excellent
documentation, but hamper readability of the active parts.
3. Restart Tomcat. I'm not sure if you restarted after you added
tomcatAuthentication="false" to the connector, but it needs to happen.
--David
Omar Nafees wrot
r disclosure is strictly
prohibited. If you are not the intended recipient or have received this
message in error, please notify us immediately by reply email and
permanently delete the original transmission from all of your systems
and hard drives, including any attachments, without making a copy.
r disclosure is strictly
prohibited. If you are not the intended recipient or have received this
message in error, please notify us immediately by reply email and
permanently delete the original transmission from all of your systems
and hard drives, including any attachments, without making a copy.
pe its not some obscure bug in mod_jk!! :)
Thanks,
Omar
Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Omar,
Omar Nafees wrote:
request.getRemoteUser() returns null in my servlet.
request.getAttribute("REMOTE_USER") also returns null. I have even
checked
Hello,
request.getRemoteUser() returns null in my servlet.
request.getAttribute("REMOTE_USER") also returns null. I have even
checked the headers that are being sent to the AJP connector in Tomcat.
Here's what I'm running: apache-2.0.59 in front of tomcat-5.5.23_1 via
mod_jk-ap2-1.2.23 on
