On Wed, Feb 20, 2013 at 11:45 AM, Liam Hoekenga <li...@umich.edu> wrote: > >> With apache httpd we do: >> >> RequestHeader unset X-Forwarded-User >> >> RewriteCond %{IS_SUBREQ} ^false$ >> RewriteCond %{LA-U:REMOTE_USER} (.+) >> RewriteRule . - [E=XFU:%1] [P] >> RequestHeader set X-Forwarded-User %{XFU}e > > > Alas, trying this with KRB5CCNAME is only returning "null".
Hmm. And you have CosignGetKerberosTickets set to 'on' yes? It should also go without saying that you'll need tomcat and httpd to run under the same user so that your application running under tomcat can read the file under /var/tmp that httpd is writing to for KRB5CCNAME, but that's after you can get KRB5CCNAME populated. --andy ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_feb _______________________________________________ Cosign-discuss mailing list Cosign-discuss@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/cosign-discuss