You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2002/08/08 17:49:34 UTC

DO NOT REPLY [Bug 11563] New: - Authorization information not available at TOMCAT side (JSP: getRemoteUser())

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11563>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11563

Authorization information not available at TOMCAT side (JSP: getRemoteUser())

           Summary: Authorization information not available at TOMCAT side
                    (JSP: getRemoteUser())
           Product: Tomcat 4
           Version: 4.0.4 Final
          Platform: PC
        OS/Version: Windows NT/2K
            Status: NEW
          Severity: Critical
          Priority: Other
         Component: Webapps:Examples
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: raeuftlinr@post.ch


My configuration: Apache 2.0.39 with mod_auth_sspi and mod_jk:

The apache configuration (httpd.conf): 
....
LoadModule sspi_auth_module modules/mod_auth_sspi.so
# mod_auth_sspi config.
<IfModule mod_auth_sspi.c>
 <Location /examples/>
   AuthType SSPI
   SSPIAuth On
   SSPIAuthoritative On
   SSPIOfferBasic Off
   SSPIBasicPreferred Off
   require valid-user
 </Location>
</IfModule>
....

When I run the examples/jsp/snoop.jsp under TOMCAT 4.0.3, I get the right 
remote host and user (Authorization scheme: NTLM). When I ran the same example 
under TOMCAT 4.0.4. this 2 fields are "null"! The protocol Apache-TOMCAT is 
always AJP13.

--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>