Tomcat, IIS, Integrated Windows Authentication, and request.getRemoteUser()

[Michael Neel <mi...@gmail.com>]

I'm running Tomcat 5.5.9 connected to IIS 5.1 with the
isapi_redirect.dll using AJP/1.3.  I am trying to enable Integrated
Windows Authentication in IIS and have Tomcat access the username of
the remote user.

I've tried:

---server.xml---

<Connector port="8009" tomcatAuthentication="false"
  enableLookups="false" redirectPort="8443" protocol="AJP/1.3" />

and:

---server.xml---

<Connector port="8009" request.tomcatAuthentication="false"
  enableLookups="false" redirectPort="8443" protocol="AJP/1.3" />

and:

---server.xml---

<Connector port="8009" propertiesFile="conf/jk2.properties"
  enableLookups="false" redirectPort="8443" protocol="AJP/1.3" />

---jk2.properties---

request.tomcatAuthentication=false


I've tried accessing the username in JSP/JSTL with the following:

<% out.println(request.getRemoteUser()); %>
<c:out value="${pageContext.request['remoteUser']}"/>

In all cases, the value has been empty.  I have verified NTLM is
working through ASP and by checking for the authorization: NTLM header
in JSP.  I tried to parse the NTLM header, but the username is not
passed in.

I've been searching the web and group, but can't find what I'm missing.

Mike

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: Tomcat, IIS, Integrated Windows Authentication, and request.getRemoteUser()

[Michael Neel <mi...@gmail.com>]

Okay, I found out that I needed the virtual directory pointing at the
redirect dll to also have windows auth enabled.

As a follow-up question, I went looking for documentation on this
setup and other possible features there maybe I can use and couldn't
find any.  Does anyone have a link to redirector docs that cover stuff
like this?  So far i've only found basic install information.

Mike

On 12/7/05, Michael Neel <mi...@gmail.com> wrote:
> I'm running Tomcat 5.5.9 connected to IIS 5.1 with the
> isapi_redirect.dll using AJP/1.3.  I am trying to enable Integrated
> Windows Authentication in IIS and have Tomcat access the username of
> the remote user.
>
> I've tried:
>
> ---server.xml---
>
> <Connector port="8009" tomcatAuthentication="false"
>   enableLookups="false" redirectPort="8443" protocol="AJP/1.3" />
>
> and:
>
> ---server.xml---
>
> <Connector port="8009" request.tomcatAuthentication="false"
>   enableLookups="false" redirectPort="8443" protocol="AJP/1.3" />
>
> and:
>
> ---server.xml---
>
> <Connector port="8009" propertiesFile="conf/jk2.properties"
>   enableLookups="false" redirectPort="8443" protocol="AJP/1.3" />
>
> ---jk2.properties---
>
> request.tomcatAuthentication=false
>
>
> I've tried accessing the username in JSP/JSTL with the following:
>
> <% out.println(request.getRemoteUser()); %>
> <c:out value="${pageContext.request['remoteUser']}"/>
>
> In all cases, the value has been empty.  I have verified NTLM is
> working through ASP and by checking for the authorization: NTLM header
> in JSP.  I tried to parse the NTLM header, but the username is not
> passed in.
>
> I've been searching the web and group, but can't find what I'm missing.
>
> Mike
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org