Make sure you have tomcatAuthentication="false" in the AJP connector
definition in server.xml
How you get REMOTE_REALM and REMOTE_USER to the app within apache
httpd then depends on where the app is looking for that information
(getAttribute(), getHeader(), or getRemoteUser() ).
Actually, come to think about it, tomcatAuthentication only controls
how getRemoteUser() functions.
We've taught all of our developers to do getHeader() because we're in
a JBoss 7.x environment where we have to access to tweak the
underlying tomcat part of the application server.
With apache httpd we do:
RequestHeader unset X-Forwarded-User
RewriteCond %{IS_SUBREQ} ^false$
RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule . - [E=XFU:%1] [P]
RequestHeader set X-Forwarded-User %{XFU}e
RequestHeader unset X-Forwarded-Realm
RewriteCond %{IS_SUBREQ} ^false$
RewriteCond %{ENV:REMOTE_REALM} (.+)
RewriteRule . - [E=XFR:%1] [P]
RequestHeader set X-Forwarded-Realm %{XFR}e
--andy
------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_feb
_______________________________________________
Cosign-discuss mailing list
Cosign-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cosign-discuss
