You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by David kerber <dc...@verizon.net> on 2011/07/14 15:07:30 UTC
Passing user id from web page to tomcat webapp
I have a situation where my users will be logging into their pages on an
IIS 5 web server, which authenticates them with their user ID and
password as configured in IIS. This works fine.
Now I need to add some new functionality to the web site that will be
using my tomcat webapp, and I don't want them to have to authenticate
again in my app, so I'm trying to figure out how to pass the user ID
from the web page on IIS, to my webapp. I thought
request.getRemoteUser() would do it, but that's returning null, rather
than the loggged-in user ID.
Here's what I have so far:
The web page on IIS has a simple form to ask for an input, which is
needed by the webapp's Servlet (EddSrvConfig):
<form name="frmSiteSelect" action="http://<TC
server>/EddSrv/EddSrvConfig" method="GET">
<input type="hidden" name="txtCompany" value="90555">
<LABEL for="txtSiteID">Site: </LABEL>
<INPUT type="text" name="txtLocation">
<INPUT type="submit" name="butGetCharts" value="Get charts">
</form>
When I debug on the TC side, I get the request, and the parameters from
the <input> controls are there, but I don't get a user ID. How can I do
that? Do I need a different kind of call than a GET? A different
method than .getRemoteUser() in my webapp? Or what?
Thanks!
Dave
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Passing user id from web page to tomcat webapp
Posted by André Warnier <aw...@ice-sa.com>.
David kerber wrote:
> On 7/14/2011 10:51 AM, David kerber wrote:
>> On 7/14/2011 10:45 AM, André Warnier wrote:
>>> David kerber wrote:
>>> ...
>>>
>>>>
>>>>> Tomcat 7 has SPNEGO support, which might enable cross-server SSO, but
>>>>> I'm speculating there.
>>>>
>>>> I'll see if that might help; I've never heard of it.
>>>>
>>>
>>> That is the "the newly-released "authenticator Valve" (?) available in
>>> Tomcat 7 " solution I was talking about.
>>>
>>> David, getting the Windows user-id in Tomcat is quite complicated,
>>> because Windows authentication is complicated.
>>> Since you already have an IIS server involved, by far the easiest way is
>>> my solution (1), which can be set up easily with an IIS-Tomcat connector
>>> (the IIS-oriented version of mod_jk). See :
>>> http://tomcat.apache.org/connectors-doc/webserver_howto/iis.html
>>
>> Thanks; I'll take a look.
>
> That reference has tomcat and IIS installed on the same machine. Is
> that a requirement, or is there a way of configuring it with tc on a
> different machine (actually a different subnet, in my case)?
>
Not a requirement at all. They could be in different countries, as long as the firewalls
allows IIS to set up a TCP connection with Tomcat.
Since you're new at this, a very quick ascii graphic schema :
browser <-- HTTP/TCP --> (IIS+Isapi_redirect) <-- AJP/TCP --> (AJP Connector + Tomcat)
IIS+Isapi_Redirect decides which URLs get forwarded to Tomcat.
For IIS+Isapi_Redirect, each Tomcat back-end is called a "worker".
The webapp response comes back the same way.
To the browser, everything looks like it is IIS serving it.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Passing user id from web page to tomcat webapp
Posted by David kerber <dc...@verizon.net>.
On 7/14/2011 10:51 AM, David kerber wrote:
> On 7/14/2011 10:45 AM, André Warnier wrote:
>> David kerber wrote:
>> ...
>>
>>>
>>>> Tomcat 7 has SPNEGO support, which might enable cross-server SSO, but
>>>> I'm speculating there.
>>>
>>> I'll see if that might help; I've never heard of it.
>>>
>>
>> That is the "the newly-released "authenticator Valve" (?) available in
>> Tomcat 7 " solution I was talking about.
>>
>> David, getting the Windows user-id in Tomcat is quite complicated,
>> because Windows authentication is complicated.
>> Since you already have an IIS server involved, by far the easiest way is
>> my solution (1), which can be set up easily with an IIS-Tomcat connector
>> (the IIS-oriented version of mod_jk). See :
>> http://tomcat.apache.org/connectors-doc/webserver_howto/iis.html
>
> Thanks; I'll take a look.
That reference has tomcat and IIS installed on the same machine. Is
that a requirement, or is there a way of configuring it with tc on a
different machine (actually a different subnet, in my case)?
D
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Passing user id from web page to tomcat webapp
Posted by David kerber <dc...@verizon.net>.
On 7/14/2011 10:45 AM, André Warnier wrote:
> David kerber wrote:
> ...
>
>>
>>> Tomcat 7 has SPNEGO support, which might enable cross-server SSO, but
>>> I'm speculating there.
>>
>> I'll see if that might help; I've never heard of it.
>>
>
> That is the "the newly-released "authenticator Valve" (?) available in
> Tomcat 7 " solution I was talking about.
>
> David, getting the Windows user-id in Tomcat is quite complicated,
> because Windows authentication is complicated.
> Since you already have an IIS server involved, by far the easiest way is
> my solution (1), which can be set up easily with an IIS-Tomcat connector
> (the IIS-oriented version of mod_jk). See :
> http://tomcat.apache.org/connectors-doc/webserver_howto/iis.html
Thanks; I'll take a look.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Passing user id from web page to tomcat webapp
Posted by André Warnier <aw...@ice-sa.com>.
David kerber wrote:
...
>
>> Tomcat 7 has SPNEGO support, which might enable cross-server SSO, but
>> I'm speculating there.
>
> I'll see if that might help; I've never heard of it.
>
That is the "the newly-released "authenticator Valve" (?) available in Tomcat 7 " solution
I was talking about.
David, getting the Windows user-id in Tomcat is quite complicated, because Windows
authentication is complicated.
Since you already have an IIS server involved, by far the easiest way is my solution (1),
which can be set up easily with an IIS-Tomcat connector (the IIS-oriented version of
mod_jk). See : http://tomcat.apache.org/connectors-doc/webserver_howto/iis.html
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Passing user id from web page to tomcat webapp
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
David,
On 7/14/2011 10:35 AM, David kerber wrote:
> On 7/14/2011 10:20 AM, Pid wrote:
>> On 14/07/2011 15:04, David kerber wrote:
>>>
>>> I'm not "forwarding" at all. The call to tomcat from the IIS
>>> page is just the "action" parameter of the form. The only
>>> connector is the standard http 1.1 connector.
>>
>> If their username& password really is configured in IIS, were you
>> hoping that Tomcat would magically interface with that? :s
>
> No, I was just hoping that some request header or parameter with the
> user name would be carried over when the call was made to the
> servlet, but it's not doing so. I don't need to fully authenticate
> them again, but do need their user ID.
So, you authenticate with IIS and then make requests directly to Tomcat
(no IIS involved), and you want the authentication information to get to
Tomcat?
That's not going to happen unless you are using HTTP Auth and the
original request path (to IIS) is a prefix of the URL used to access
Tomcat (and the WWW-Authenticate header is sent with all requests).
One option is to have IIS proxy the requests to Tomcat, and then you can
get the ISAPI redirector to send-over that authentication information
for you.
>> Tomcat 7 has SPNEGO support, which might enable cross-server SSO,
>> but I'm speculating there.
>
> I'll see if that might help; I've never heard of it.
I have no idea what SPNEGO is, either, but I think it allows Java to
authenticate against the Microsoft Windows world. You aren't collecting
credentials (from my reading of your posts), so that's not going to be
terribly useful to you.
Just remember: never trust any information you get from the client.
Remember the recent "credit card URL" hack. :)
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk4fAdkACgkQ9CaO5/Lv0PBekACeIWyiDHpjnBD3AsK4gdh6j158
YbUAniE6rnd5f24pGhj6nD4HBPsmxSkm
=OO1n
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Passing user id from web page to tomcat webapp
Posted by David kerber <dc...@verizon.net>.
On 7/14/2011 10:20 AM, Pid wrote:
> On 14/07/2011 15:04, David kerber wrote:
>> On 7/14/2011 9:50 AM, André Warnier wrote:
>>> David kerber wrote:
>>>> I have a situation where my users will be logging into their pages on
>>>> an IIS 5 web server, which authenticates them with their user ID and
>>>> password as configured in IIS. This works fine.
>>>>
>>>> Now I need to add some new functionality to the web site that will be
>>>> using my tomcat webapp, and I don't want them to have to authenticate
>>>> again in my app, so I'm trying to figure out how to pass the user ID
>>>> from the web page on IIS, to my webapp. I thought
>>>> request.getRemoteUser() would do it, but that's returning null, rather
>>>> than the loggged-in user ID.
>>>>
>>> You need to specify what you use to forward requests from IIS to Tomcat.
>>> If you are using Isapi_Redirect, then set the attribute
>>> "tomcatAuthentication" to false in the Tomcat AJP<Connector> (in
>>> server.xml).
>>
>> I'm not "forwarding" at all. The call to tomcat from the IIS page is
>> just the "action" parameter of the form. The only connector is the
>> standard http 1.1 connector.
>
> If their username& password really is configured in IIS, were you
> hoping that Tomcat would magically interface with that? :s
No, I was just hoping that some request header or parameter with the
user name would be carried over when the call was made to the servlet,
but it's not doing so. I don't need to fully authenticate them again,
but do need their user ID.
Any other suggestions, or am I going to have to go a different route?
> Tomcat 7 has SPNEGO support, which might enable cross-server SSO, but
> I'm speculating there.
I'll see if that might help; I've never heard of it.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Passing user id from web page to tomcat webapp
Posted by Pid <pi...@pidster.com>.
On 14/07/2011 15:04, David kerber wrote:
> On 7/14/2011 9:50 AM, André Warnier wrote:
>> David kerber wrote:
>>> I have a situation where my users will be logging into their pages on
>>> an IIS 5 web server, which authenticates them with their user ID and
>>> password as configured in IIS. This works fine.
>>>
>>> Now I need to add some new functionality to the web site that will be
>>> using my tomcat webapp, and I don't want them to have to authenticate
>>> again in my app, so I'm trying to figure out how to pass the user ID
>>> from the web page on IIS, to my webapp. I thought
>>> request.getRemoteUser() would do it, but that's returning null, rather
>>> than the loggged-in user ID.
>>>
>> You need to specify what you use to forward requests from IIS to Tomcat.
>> If you are using Isapi_Redirect, then set the attribute
>> "tomcatAuthentication" to false in the Tomcat AJP <Connector> (in
>> server.xml).
>
> I'm not "forwarding" at all. The call to tomcat from the IIS page is
> just the "action" parameter of the form. The only connector is the
> standard http 1.1 connector.
If their username & password really is configured in IIS, were you
hoping that Tomcat would magically interface with that? :s
Tomcat 7 has SPNEGO support, which might enable cross-server SSO, but
I'm speculating there.
p
Re: Passing user id from web page to tomcat webapp
Posted by David kerber <dc...@verizon.net>.
On 7/14/2011 10:31 AM, André Warnier wrote:
> David kerber wrote:
>> On 7/14/2011 9:50 AM, André Warnier wrote:
>>> David kerber wrote:
>>>> I have a situation where my users will be logging into their pages on
>>>> an IIS 5 web server, which authenticates them with their user ID and
>>>> password as configured in IIS. This works fine.
>>>>
>>>> Now I need to add some new functionality to the web site that will be
>>>> using my tomcat webapp, and I don't want them to have to authenticate
>>>> again in my app, so I'm trying to figure out how to pass the user ID
>>>> from the web page on IIS, to my webapp. I thought
>>>> request.getRemoteUser() would do it, but that's returning null, rather
>>>> than the loggged-in user ID.
>>>>
>>> You need to specify what you use to forward requests from IIS to Tomcat.
>>> If you are using Isapi_Redirect, then set the attribute
>>> "tomcatAuthentication" to false in the Tomcat AJP <Connector> (in
>>> server.xml).
>>
>> I'm not "forwarding" at all. The call to tomcat from the IIS page is
>> just the "action" parameter of the form. The only connector is the
>> standard http 1.1 connector.
>>
> Ah, ok, I missed that.
> That's another thing altogether.
> So what is happening is this :
>
> a) user calls a page from IIS
> b) IIS delivers the page to the user's browser. The page contains a <form>.
> c) user posts the <form> directly to Tomcat (without going through IIS).
> d) Tomcat gets a normal POST request, directly from the user's browser.
Yes, that's it. The only missing thing is that I thought that since the
user has authenticated through IIS, that his user ID might be carried
along somewhere from the browser side. But that is not happening.
>
> So on the last leg (c+d), there is nothing that IIS can do to add the
> user-id, it is not in the loop.
>
> So you have to "convice" the user's browser to send the logged-in
> user-id to Tomcat.
>
> The only way I can see of doing that in this simplistic scenario is
> relatively simple, but *extremely insecure* :
>
> At step (b) above, have the IIS application which generates that html
> page, insert a form field like the following in the <form> :
> <input type="hidden" name="userid" value="*******">
> where ****** is the IIS user-id.
> The IIS user-id can be obtained (on the IIS side) by code such as the
> one Melinda posted.
> Then when the browser posts the form to Tomcat, there will be an
> additional POST parameter "userid" containing the user-id.
>
> Now again, the extreme insecurity :
> - userA requests the form from IIS
> - he gets a <form> with a hidden input containing the value "userA". So
> far, no problem.
> - he saves this form, edits it, and replaces "userA" by "userB" (his
> boss'es userid)
> - he posts that form to Tomcat
> Result #1 : in your Tomcat app, he is now considered as userB.
> Result #2 : if there is ever a security audit, you're dead
Yes, I had already thought of that method, and am hoping to avoid it.
This data page has extremely low security requirements, but I'd still
like something better if I can figure it out. If nothing else, I'll
then have something in my pocket when an application comes up that needs
better security.
>
> -----------------
>
> How it should be done :
>
> There are essentially 2 ways :
>
> 1) have the <form> posted back to IIS, and have IIS "proxy" (forward)
> this call to Tomcat, with IIS adding the IIS-authenticated user-id on
> the way
This is what I'd like to do, but it's new to me; Up to this point, the
IIS web site and the tomcat applications have been completely unrelated
and unconnected. I'll see what I can google up.
>
> 2) install additional logic in Tomcat, to allow Tomcat to authenticate
> the user (automatically) with the Windows domain (just like IIS itself
> does).
> That can be done in several ways, all of them requiring some serious
> configuration work.
> You can use :
> - the newly-released "authenticator Valve" (?) available in Tomcat 7
> - the Waffle software (look up in Google)
> - the commercial Jespa software (www.ioplex.com)
> - (there may be others which I do not know)
> All of the above suppose that your Tomcat is running on a computer that
> is itself within the Windows domain (or can be made part of it). So they
> will not work if the user workstations are inside the Windows domain,
> but the Tomcat server is outside on the Internet for example.
> (But that also can be solved, ask if you need this.)
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Passing user id from web page to tomcat webapp
Posted by André Warnier <aw...@ice-sa.com>.
David kerber wrote:
> On 7/14/2011 9:50 AM, André Warnier wrote:
>> David kerber wrote:
>>> I have a situation where my users will be logging into their pages on
>>> an IIS 5 web server, which authenticates them with their user ID and
>>> password as configured in IIS. This works fine.
>>>
>>> Now I need to add some new functionality to the web site that will be
>>> using my tomcat webapp, and I don't want them to have to authenticate
>>> again in my app, so I'm trying to figure out how to pass the user ID
>>> from the web page on IIS, to my webapp. I thought
>>> request.getRemoteUser() would do it, but that's returning null, rather
>>> than the loggged-in user ID.
>>>
>> You need to specify what you use to forward requests from IIS to Tomcat.
>> If you are using Isapi_Redirect, then set the attribute
>> "tomcatAuthentication" to false in the Tomcat AJP <Connector> (in
>> server.xml).
>
> I'm not "forwarding" at all. The call to tomcat from the IIS page is
> just the "action" parameter of the form. The only connector is the
> standard http 1.1 connector.
>
Ah, ok, I missed that.
That's another thing altogether.
So what is happening is this :
a) user calls a page from IIS
b) IIS delivers the page to the user's browser. The page contains a <form>.
c) user posts the <form> directly to Tomcat (without going through IIS).
d) Tomcat gets a normal POST request, directly from the user's browser.
So on the last leg (c+d), there is nothing that IIS can do to add the user-id, it is not
in the loop.
So you have to "convice" the user's browser to send the logged-in user-id to Tomcat.
The only way I can see of doing that in this simplistic scenario is relatively simple, but
*extremely insecure* :
At step (b) above, have the IIS application which generates that html page, insert a form
field like the following in the <form> :
<input type="hidden" name="userid" value="*******">
where ****** is the IIS user-id.
The IIS user-id can be obtained (on the IIS side) by code such as the one Melinda posted.
Then when the browser posts the form to Tomcat, there will be an additional POST parameter
"userid" containing the user-id.
Now again, the extreme insecurity :
- userA requests the form from IIS
- he gets a <form> with a hidden input containing the value "userA". So far, no problem.
- he saves this form, edits it, and replaces "userA" by "userB" (his boss'es userid)
- he posts that form to Tomcat
Result #1 : in your Tomcat app, he is now considered as userB.
Result #2 : if there is ever a security audit, you're dead
-----------------
How it should be done :
There are essentially 2 ways :
1) have the <form> posted back to IIS, and have IIS "proxy" (forward) this call to Tomcat,
with IIS adding the IIS-authenticated user-id on the way
2) install additional logic in Tomcat, to allow Tomcat to authenticate the user
(automatically) with the Windows domain (just like IIS itself does).
That can be done in several ways, all of them requiring some serious configuration work.
You can use :
- the newly-released "authenticator Valve" (?) available in Tomcat 7
- the Waffle software (look up in Google)
- the commercial Jespa software (www.ioplex.com)
- (there may be others which I do not know)
All of the above suppose that your Tomcat is running on a computer that is itself within
the Windows domain (or can be made part of it). So they will not work if the user
workstations are inside the Windows domain, but the Tomcat server is outside on the
Internet for example.
(But that also can be solved, ask if you need this.)
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Passing user id from web page to tomcat webapp
Posted by David kerber <dc...@verizon.net>.
On 7/14/2011 9:50 AM, André Warnier wrote:
> David kerber wrote:
>> I have a situation where my users will be logging into their pages on
>> an IIS 5 web server, which authenticates them with their user ID and
>> password as configured in IIS. This works fine.
>>
>> Now I need to add some new functionality to the web site that will be
>> using my tomcat webapp, and I don't want them to have to authenticate
>> again in my app, so I'm trying to figure out how to pass the user ID
>> from the web page on IIS, to my webapp. I thought
>> request.getRemoteUser() would do it, but that's returning null, rather
>> than the loggged-in user ID.
>>
> You need to specify what you use to forward requests from IIS to Tomcat.
> If you are using Isapi_Redirect, then set the attribute
> "tomcatAuthentication" to false in the Tomcat AJP <Connector> (in
> server.xml).
I'm not "forwarding" at all. The call to tomcat from the IIS page is
just the "action" parameter of the form. The only connector is the
standard http 1.1 connector.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Passing user id from web page to tomcat webapp
Posted by André Warnier <aw...@ice-sa.com>.
David kerber wrote:
> I have a situation where my users will be logging into their pages on an
> IIS 5 web server, which authenticates them with their user ID and
> password as configured in IIS. This works fine.
>
> Now I need to add some new functionality to the web site that will be
> using my tomcat webapp, and I don't want them to have to authenticate
> again in my app, so I'm trying to figure out how to pass the user ID
> from the web page on IIS, to my webapp. I thought
> request.getRemoteUser() would do it, but that's returning null, rather
> than the loggged-in user ID.
>
You need to specify what you use to forward requests from IIS to Tomcat.
If you are using Isapi_Redirect, then set the attribute "tomcatAuthentication" to false in
the Tomcat AJP <Connector> (in server.xml).
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Passing user id from web page to tomcat webapp
Posted by "Savoy, Melinda" <Me...@texashealth.org>.
It is not java code. As I stated, I inherited this stuff. In speaking to my co-worker, he basically said that the DNS entry maps to an ASP page that contains the code below and then that value is sent back to my index.jsp page where I grab it via a servlet and validate it through my java code. Working with IIS I found to be a major issue and so on another java app where I do AD authentication, we use the Waffle product and it's fantastic and very easy to get up and running.
Sorry for the confusion. Regards.
-----Original Message-----
From: André Warnier [mailto:aw@ice-sa.com]
Sent: Thursday, July 14, 2011 9:01 AM
To: Tomcat Users List
Subject: Re: Passing user id from web page to tomcat webapp
Savoy, Melinda wrote:
> David,
>
> You might try the following, instead of getRemoteUser, as we use this to get the USERID from IIS. I inherited this code so I really can't speak to it a lot but it's working.
>
> Regards.
>
>
> ' **** get user ID from header ******************
>
> XUserID = Request.ServerVariables("AUTH_USER")
>
> L=Len(XUserID)
>
> if L > 0 then
> Pos = InStr( XUserID,"\")
>
> if Pos > 0 then
> ID = Right(XUserID,(L-Pos) )
> strUserID = ID
> end if
> else
> strUserID = XUserID
> end if
>
> isUserID = strUserID
>
Melinda,
*where* is that thing working ?
It doesn't look like any Java code to me ..
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
The information contained in this message and any attachments is intended only for the use of the individual or entity to which it is addressed, and may contain information that is PRIVILEGED, CONFIDENTIAL, and exempt from disclosure under applicable law. If you are not the intended recipient, you are prohibited from copying, distributing, or using the information. Please contact the sender immediately by return e-mail and delete the original message from your system.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Passing user id from web page to tomcat webapp
Posted by "Propes, Barry L " <ba...@citi.com>.
Looks like ASP code.
-----Original Message-----
From: André Warnier [mailto:aw@ice-sa.com]
Sent: Thursday, July 14, 2011 9:01 AM
To: Tomcat Users List
Subject: Re: Passing user id from web page to tomcat webapp
Savoy, Melinda wrote:
> David,
>
> You might try the following, instead of getRemoteUser, as we use this to get the USERID from IIS. I inherited this code so I really can't speak to it a lot but it's working.
>
> Regards.
>
>
> ' **** get user ID from header ******************
>
> XUserID = Request.ServerVariables("AUTH_USER")
>
> L=Len(XUserID)
>
> if L > 0 then
> Pos = InStr( XUserID,"\")
>
> if Pos > 0 then
> ID = Right(XUserID,(L-Pos) )
> strUserID = ID
> end if
> else
> strUserID = XUserID
> end if
>
> isUserID = strUserID
>
Melinda,
*where* is that thing working ?
It doesn't look like any Java code to me ..
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Passing user id from web page to tomcat webapp
Posted by David kerber <dc...@verizon.net>.
On 7/14/2011 10:00 AM, André Warnier wrote:
> Savoy, Melinda wrote:
>> David,
>>
>> You might try the following, instead of getRemoteUser, as we use this
>> to get the USERID from IIS. I inherited this code so I really can't
>> speak to it a lot but it's working.
>>
>> Regards.
>>
>>
>> ' **** get user ID from header ******************
>>
>> XUserID = Request.ServerVariables("AUTH_USER")
>> L=Len(XUserID)
>> if L > 0 then
>> Pos = InStr( XUserID,"\")
>> if Pos > 0 then
>> ID = Right(XUserID,(L-Pos) )
>> strUserID = ID
>> end if
>> else
>> strUserID = XUserID
>> end if
>>
>> isUserID = strUserID
>>
>
> Melinda,
>
> *where* is that thing working ?
> It doesn't look like any Java code to me ..
It's VB (I recognize it).
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Passing user id from web page to tomcat webapp
Posted by André Warnier <aw...@ice-sa.com>.
Savoy, Melinda wrote:
> David,
>
> You might try the following, instead of getRemoteUser, as we use this to get the USERID from IIS. I inherited this code so I really can't speak to it a lot but it's working.
>
> Regards.
>
>
> ' **** get user ID from header ******************
>
> XUserID = Request.ServerVariables("AUTH_USER")
>
> L=Len(XUserID)
>
> if L > 0 then
> Pos = InStr( XUserID,"\")
>
> if Pos > 0 then
> ID = Right(XUserID,(L-Pos) )
> strUserID = ID
> end if
> else
> strUserID = XUserID
> end if
>
> isUserID = strUserID
>
Melinda,
*where* is that thing working ?
It doesn't look like any Java code to me ..
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Passing user id from web page to tomcat webapp
Posted by "Savoy, Melinda" <Me...@texashealth.org>.
David,
You might try the following, instead of getRemoteUser, as we use this to get the USERID from IIS. I inherited this code so I really can't speak to it a lot but it's working.
Regards.
' **** get user ID from header ******************
XUserID = Request.ServerVariables("AUTH_USER")
L=Len(XUserID)
if L > 0 then
Pos = InStr( XUserID,"\")
if Pos > 0 then
ID = Right(XUserID,(L-Pos) )
strUserID = ID
end if
else
strUserID = XUserID
end if
isUserID = strUserID
-----Original Message-----
From: David kerber [mailto:dckerber@verizon.net]
Sent: Thursday, July 14, 2011 8:08 AM
To: Tomcat Users List
Subject: Passing user id from web page to tomcat webapp
I have a situation where my users will be logging into their pages on an
IIS 5 web server, which authenticates them with their user ID and
password as configured in IIS. This works fine.
Now I need to add some new functionality to the web site that will be
using my tomcat webapp, and I don't want them to have to authenticate
again in my app, so I'm trying to figure out how to pass the user ID
from the web page on IIS, to my webapp. I thought
request.getRemoteUser() would do it, but that's returning null, rather
than the loggged-in user ID.
Here's what I have so far:
The web page on IIS has a simple form to ask for an input, which is
needed by the webapp's Servlet (EddSrvConfig):
<form name="frmSiteSelect" action="http://<TC
server>/EddSrv/EddSrvConfig" method="GET">
<input type="hidden" name="txtCompany" value="90555">
<LABEL for="txtSiteID">Site: </LABEL>
<INPUT type="text" name="txtLocation">
<INPUT type="submit" name="butGetCharts" value="Get charts">
</form>
When I debug on the TC side, I get the request, and the parameters from
the <input> controls are there, but I don't get a user ID. How can I do
that? Do I need a different kind of call than a GET? A different
method than .getRemoteUser() in my webapp? Or what?
Thanks!
Dave
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
The information contained in this message and any attachments is intended only for the use of the individual or entity to which it is addressed, and may contain information that is PRIVILEGED, CONFIDENTIAL, and exempt from disclosure under applicable law. If you are not the intended recipient, you are prohibited from copying, distributing, or using the information. Please contact the sender immediately by return e-mail and delete the original message from your system.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org