I was FINALLY able to get to my code within Eclipse using the Tomcat connector
and NOT getting the login dialog box by adding Jakarta to the trusted sites in
the IE browser on my Windows XP box since as I found out from Jeff in the IIS
forum browsers do not authenticate untrusted sites on XP.
Now the new issue is that I cannot get to the user value which is
"Texas\SavoyM" using the following partial method:
public User authenticate(final HttpServletRequest request, final
HttpServletResponse response) throws IOException {
// Initialize the User object
User user = null;
// 1. Initiate the IIS authentication process.
final String auth_user = request.getRemoteUser();
// 2. Create a User object with the user name
if (auth_user != null)
user = new User(auth_user, "");
// 3. Check to see if the user is populated
if (auth_user == null)
throw new UnauthorizedException(response, user);
Is there another way to get the user value other than using the
HttpServletRequest object?
Thanks.
-----Original Message-----
From: Savoy, Melinda
Sent: Wednesday, May 26, 2010 2:12 PM
To: 'Tomcat Users List'
Subject: RE: Question on workers.properties file
I did as you suggested below. I removed SCMIS virtual website from within the
jakarta virtual website and I got this in the log:
[Wed May 26 14:00:09.271 2010] [3036:4236] [debug] jk_isapi_plugin.c (1835):
Filter started
[Wed May 26 14:00:09.271 2010] [3036:4236] [debug] jk_uri_worker_map.c (1036):
Attempting to map URI '/localhost/SCMIS/index.jsp' from 3 maps
[Wed May 26 14:00:09.271 2010] [3036:4236] [debug] jk_uri_worker_map.c (850):
Attempting to map context URI '/SCMIS/servlet/*=scmisWorker' source
'uriworkermap'
[Wed May 26 14:00:09.271 2010] [3036:4236] [debug] jk_uri_worker_map.c (850):
Attempting to map context URI '/SCMIS/*.jsp=scmisWorker' source 'uriworkermap'
[Wed May 26 14:00:09.271 2010] [3036:4236] [debug] jk_uri_worker_map.c (850):
Attempting to map context URI '/SCMIS/*=scmisWorker' source 'uriworkermap'
[Wed May 26 14:00:09.271 2010] [3036:4236] [debug] jk_uri_worker_map.c (850):
Attempting to map context URI '/SCMIS/servlet/*=scmisWorker' source
'uriworkermap'
[Wed May 26 14:00:09.271 2010] [3036:4236] [debug] jk_uri_worker_map.c (850):
Attempting to map context URI '/SCMIS/*.jsp=scmisWorker' source 'uriworkermap'
[Wed May 26 14:00:09.271 2010] [3036:4236] [debug] jk_uri_worker_map.c (863):
Found a wildchar match '/SCMIS/*.jsp=scmisWorker'
[Wed May 26 14:00:09.271 2010] [3036:4236] [debug] jk_isapi_plugin.c (1916):
check if [/SCMIS/index.jsp] points to the web-inf directory
[Wed May 26 14:00:09.271 2010] [3036:4236] [debug] jk_isapi_plugin.c (1932):
[/SCMIS/index.jsp] is a servlet url - should redirect to scmisWorker
[Wed May 26 14:00:09.286 2010] [3036:4236] [debug] jk_isapi_plugin.c (1972):
fowarding escaped URI [/SCMIS/index.jsp]
In IIS I changed had the DEFAULT WEBSITE directory security back to ANONYMOUS
access checked only and left the jakarta directory security to windows
authentication only. And I got a dialog box to login for authentication
purposes. I tried to login and the dialog box just kept coming back.
I guess what I do not understand is HOW does IIS know about my SCMIS website if
it is NOT included in IIS? I thought I needed the SCMIS virtual website
included in IIS in order to retrieve the user id that I am suppose to be
getting from IIS? What will my URL be now since I was using
http://localhost/SCMIS/index.jsp
Thanks again.
-----Original Message-----
From: Rainer Jung [mailto:rainer.j...@kippdata.de]
Sent: Wednesday, May 26, 2010 1:18 PM
To: Tomcat Users List
Subject: Re: Question on workers.properties file
On 26.05.2010 19:53, Savoy, Melinda wrote:
> Ranier - thanks for the reply.
>
> 1. I just tried this again, but I set all 3 (Default Website, jakarta
> virtual website and SCMIS virtual website) to Windows Authentication checked
> and Anonymous access unchecked and I was prompted with a login dialog box. I
> could not get authenticated and then I hit cancel and when I did my log
> showed the following:
>
> [Wed May 26 12:38:41.480 2010] [4684:228] [debug] jk_isapi_plugin.c (3108):
> Service protocol=HTTP/1.1 method=GET host=127.0.0.1 addr=127.0.0.1
> name=localhost port=80 auth=Negotiate user=TEXAS\SavoyM uri=/SCMIS/index.jsp
>
> My objective here is to have IIS authenticate without a user logging in and
> then I acquire the user value via the getRemoteUser() method.
>
> 2. I understood that I had to have the website that I am running currently
> in Tomcat setup as a virtual website in IIS under the jakarta virtual website
> in IIS so that it would serve up the /SCMIS/*.jsp pages in Tomcat? Are you
> saying that is not the case and I can get rid of the SCMIS virtual website?
> Could this possibly the issue?
I think you don't need it (and thus should get rid of it), but it is not
related to your auth issue. Keep the jakarta entry, but not the SCMIS
one below the jakarta one.
> 3. I remember your previous post but I thought you also said that you got a
> login prompt which is what I'm trying to avoid. Again the hope is that IIS
> can authenticate and forward the user value to Tomcat seamlessly.
Did you notice, that are are other checkboxes you can choose your auth
style from? I'd try all of those and try to read about their meaning.
Did you use MSIE or some other browser? Some of the automatic auth
methods used on Windows might only work with MSIE and maybe only if the
web server is configured as being trusted in MSIE.
Regards,
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
The information contained in this message and any attachments is intended only
for the use of the individual or entity to which it is addressed, and may
contain information that is PRIVILEGED, CONFIDENTIAL, and exempt from
disclosure under applicable law. If you are not the intended recipient, you
are prohibited from copying, distributing, or using the information. Please
contact the sender immediately by return e-mail and delete the original message
from your system.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
The information contained in this message and any attachments is intended only
for the use of the individual or entity to which it is addressed, and may
contain information that is PRIVILEGED, CONFIDENTIAL, and exempt from
disclosure under applicable law. If you are not the intended recipient, you
are prohibited from copying, distributing, or using the information. Please
contact the sender immediately by return e-mail and delete the original message
from your system.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
