Howdy, Rainier
Thanks for the response. I gave this a shot, but I'm not seeing any
change at the Servlet level. After your advice, I changed my
Connector definition to this:
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443"
tomcatAuthentication="false" />
Is there any change I need to make on the httpd side? I've restarted
both tomcat and httpd, and I still get null from both
request.getRemoteUser() and request.getAuthType().
Moreover, is there somewhere I can turn on debugging to see if the
setting is at least getting picked up properly? I intentionally
introduced a typo into an attribute name, and saw no change in
behavior or other warnings or errors, which is somewhat disconcerting.
Thanks,
--xsdg
On Thu, Jun 6, 2013 at 12:20 AM, Rainer Jung <rainer.j...@kippdata.de> wrote:
> On 06.06.2013 07:23, Omari Stephens wrote:
>> Howdy, y'all
>>
>> I'm working on porting a pure java CGI to a servlet. I'm using Tomcat
>> 6 behind Apache HTTPD 2.2.
>>
>> At this point, I have everything talking to each other fine. When I
>> hit the right URL on httpd, my servlet gets run. yay.
>>
>> My question: incoming connections to httpd are over SSL. For the CGI,
>> apache sets user-identifying information in the environment, so that I
>> can read a particular environment variable and uniquely identify the
>> user making the request.
>>
>> So far, I can't figure out how to uniquely identify the user from the
>> Tomcat side. All of the obvious methods (like #getRemoteUser()) from
>> HttpServletRequest return null. I see "JkEnvVar" at
>> http://tomcat.apache.org/connectors-doc/webserver_howto/apache.html,
>> but either that only copies variables from Apache's environment
>> (rather than ones that it sets for CGI), or I'm not using it
>> correctly.
>>
>> Lastly, I'm not hitting Tomcat SSL directly because I depend on a
>> module that only exists for Apache HTTPD.
>
> Set tomcatAuthentication="false" in your ajp connector.
>
> See tomcatAuthentication on page
> http://tomcat.apache.org/tomcat-7.0-doc/config/ajp.html.
>
> Setting it to "false" means that Tomcat will not authenticate the user
> but instead fully trust the remoteUser send by Apache. default is "true".
>
> Note that this is not really related to the subject of your mail (SSL
> connection information).
>
> Regards,
>
> Rainer
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
