On 22/06/2010 13:36, Savoy, Melinda wrote: > Thanks Pid, I did do that as well, but I did not see the user value there > either. > > Here is what I got when I did issue the getHeaderNames() and as you can see > the authorization shows the encrypted NTLM value but it is not decrypted and > I cannot get to the info though the ISAPI log shows the decrypted value which > I cannot get to: > > === MimeHeaders === > accept = */* > accept-language = en-us > connection = Keep-Alive > host = localhost > user-agent = Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; > .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; InfoPath.2; > .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MS-RTC LM 8; MS-RTC EA 2) > cookie = JSESSIONID=969AE176A965514B845A6E3A9E83A21E > authorization = NTLM > TlRMTVNTUAADAAAAAAAAAEgAAAAAAAAASAAAAAAAAABIAAAAAAAAAEgAAAAAAAAASAAAAAAAAABIAAAABcKIogUBKAoAAAAP
The authorization should be base64, (if memory serves), you could decode it and see what it's passing. Tomcat has some base64 code which you can probably find & use to decode it. (At least until someone who knows more about ISAPI turns up.) p > accept-encoding = gzip, deflate > content-length = 0 > > I don't know what I'm doing wrong here. Again, any help is appreciated. > > Thanks. > > -----Original Message----- > From: Pid [mailto:p...@pidster.com] > Sent: Tuesday, June 22, 2010 7:11 AM > To: Tomcat Users List > Subject: Re: Still having problem retrieving user value from ISAPI Filter for > authentication > > On 22/06/2010 13:05, Marc Boorshtein wrote: >> I haven't tried this with IIS, but we had quite the discussion on this >> last week with Apache & tomcat with JK. In your server.xml file add >> tomcatAuthentication="false" to the AJP connector object. If you look >> in the archives of this list for JK_REMOTE_USER there is a very >> interesting discussion on the topic. > > Also, you could iterate through the headers in request.getHeaderNames() to > see what's being passed across to Tomcat. > > > p > > >> Marc >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> > > > > > The information contained in this message and any attachments is intended > only for the use of the individual or entity to which it is addressed, and > may contain information that is PRIVILEGED, CONFIDENTIAL, and exempt from > disclosure under applicable law. If you are not the intended recipient, you > are prohibited from copying, distributing, or using the information. Please > contact the sender immediately by return e-mail and delete the original > message from your system.
signature.asc
Description: OpenPGP digital signature
