if you're fronting with Apache 2.2 WebServer you need to rewrite the environment variable REMOTE_USER and place on request to TC to allow TC to use getRemoteUser()
http://osdir.com/ml/apache.mod-auth-kerb.general/2005-10/msg00009.html HTH Martin ______________________________________________ Disclaimer and confidentiality note Everything in this e-mail and any attachments relates to the official business of Sender. This transmission is of a confidential nature and Sender does not endorse distribution to any party other than intended recipient. Sender does not necessarily endorse content contained within this transmission. > Date: Fri, 9 Jan 2009 14:55:36 -0600 > From: rfano...@gmail.com > To: users@tomcat.apache.org > Subject: REMOTE_USER is null to Tomcat > > Greetings all, > > Please NOTE: I want to mention that what I'm about to describe is > apparently a common problem. I have thoroughly searched the > tomcat-user mailing list archives and the google. I have attempted the > many, many suggestions put forth (which I will describe in more > detail), and this is still not working properly. > > My environment > ----------------------- > RHEL 4.7 > Apache httpd 2.0.52 > mod_jk 1.2.27 > Tomcat 5.0.28 (this version is required by a proprietary app we're using) > > The problem > ------------------ > No matter what I try, I am unable to get Tomcat to see the value of > the http variable REMOTE_USER. It is _always_ null to Tomcat. > > Everything else related to my Apache web server / mod_jk / Tomcat > setup is working properly. I can view all /jsp-examples. I can use our > proprietary web java app. > > What I have tried > ------------------------ > * For starters, I have confirmed using a perl script that REMOTE_USER > is indeed being set (following a couple different authentication types > - Basic and Shibboleth). > * I have set JkLogLevel debug in httpd.conf, and confirmed (by tailing > mod_jk.log) that mod_jk is passing REMOTE_USER and its value from > Apache web server to Tomcat. > * I have tried JkEnvVar REMOTE_USER in httpd.conf. > * I have tried JkEnvVar REMOTE_USER "<fake>", JkEnvVar REMOTE_USER > bob, JkEnvVar REMOTE_USER %{REMOTE_USER}, etc., etc., etc., etc. in > httpd.conf. > * I have set both tomcatAuthentication="false" and > request.tomcatAuthentication="false" in Tomcat's server.xml and in > jk2.properties (and endless combinations of one or both in one or both > places). > > I am out of ideas. None of the "common fixes" (that I've found anyway) > are working. Does anyone have suggestions on how to fix this problem? > > -- > Best regards - > Ryu Fan // rfano...@gmail.com > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > _________________________________________________________________ Windows Live⢠Hotmail®: Chat. Store. Share. Do more with mail. http://windowslive.com/howitworks?ocid=TXT_TAGLM_WL_t1_hm_justgotbetter_howitworks_012009