On 23.06.2010 09:51, Pid wrote:
On 23 Jun 2010, at 02:40, Rainer Jung<rainer.j...@kippdata.de> wrote:
On 22.06.2010 21:59, Marc Boorshtein wrote:
Unless you are going to authenticate via one of Tomcat's authentication
methods; BASIC, FORM, etc, then getRemoteUser() is going to return null.
You'll need to add a security constraint, login-config and security-role to
your web.xml to test getRemoteUser(); in just Tomcat.
This shouldn't be the case since she put tomcatAuthentication="false"
tomcat should be taking the username from the JK_REMOTE_USER
attribute.
Have you tried a wireshark packet capture?
The log file of the ISAPI redirector she presented already contains a dump of
the AJP packet the redirector is going to send out. The dump shows the correct
user string contained in the packet.
I've got no idea what's wrong here.
Would you expect the user value normally to be set as another (REMOTE_USER
type) header by ISAPI?
No, it gets send as an AJP specific request attribute that the AJP
connectors know about. It's not an HTTP header.
Regards,
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
