Hi,
2015-07-23 21:54 GMT+03:00 John Baker <jba...@dryfish.org.uk>:
>
> Hello,
>
> I note the HTTP connector does the following when
> Request.getRemoteUser() is called:
>
> public String getRemoteUser() {
> if (userPrincipal == null) {
> return null;
> }
> return userPrincipal.getName();
> }
>
> I understand what it's trying to do but it's not consistent with the AJP
> adapter and doesn't make it helpful to interact with upstream reverse
> proxies setting the username as a header (ie REMOTE_USER). Would it be
> possible to change the implementation to this:
>
> public String getRemoteUser() {
> String user = userPrincipal.getName();
> if (userPrincipal == null)
> user= getHeader("REMOTE_USER");
> return user;
> }
>
> Or even better, allow the REMOTE_USER header name to be set via a
> configuration value? This seems much more consistent with the AJP
> adapter that does pick up REMOTE_USER (sent by the ajp module) and
> avoids users having to retrieve a header from the request.
>
You didn't specify any Tomcat version.
Check this feature [1] -> tomcatAuthentication/tomcatAuthorization
Regards,
Violeta
[1]
http://tomcat.apache.org/tomcat-7.0-doc/config/ajp.html#Standard_Implementations
> Thanks
>
>
> John
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
