it only collects the username of the logged in user yes, not ad info. not sure if this is true, but ensure integrated windows security is on the virtual jakarta folder pointed to the jk dll too. i'm not sure if your situation is muddied by jboss in the mix, as i am not familiar with jboss (yet)
not sure what else to tell you .. i've tested taking off WIS on my website, and the remote user goes blank. this is a tried and tested method, so something else must be getting in the way your end. cheers > -----Original Message----- > From: Scott Shaver [mailto:[EMAIL PROTECTED] > Sent: 26 October 2005 19:29 > To: tomcat-user@jakarta.apache.org > Subject: RE: jCIFS Jboss Tomcat IIS NTLM Authentication > > > I thought I tried that but I'll give it another go. Won't > this mean that > the user's realm groups (security groups from active > directory) won't be > loaded then? If tomcat doesn't do the authentication via the filter I > would assume that would be the case. That won't work for me if it is > true. > > The application I have is an employee portal. I want the user to not > have to log in to be authenticated. I have this working perfectly in > WebLogic but I'm exploring a possible move to JBoss. I use the user's > groups to avoid displaying certain sections of the portal. > > gave it another go: > > Okay so I took out the filter from the web app and set the "Integrated > Windows Security" to on for the site and the redirector > directory. I've > got the tomcatAuthentication=false set in the AJP 1.3 > Connector element > in the server.xml. > > <Connector port="8009" address="${jboss.bind.address}" > debug="99" > emptySessionPath="true" enableLookups="false" redirectPort="8443" > > protocol="AJP/1.3" > tomcatAuthentication="false" > minProcessors="5" > maxProcessors="15" > /> > > This let me into the app but with a blank getRemoteUser() value. > Obviously not what I need. > > (no disclaimer) > > > -----Original Message----- > > From: Allistair Crossley [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, October 26, 2005 4:42 AM > > To: Tomcat Users List; tomcat-user@jakarta.apache.org > > Subject: RE: jCIFS Jboss Tomcat IIS NTLM Authentication > > > > if you're using IIS in front of your application you don't > > need to use jCIFs. All you do is set the directory > > permissions on your website to Integrated Windows > > Authentication, then configure your Tomcat AJP Connector > > element with tomcatAuthentication="false". Then > > request.getRemoteUser() will return the Windows username. > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > <FONT SIZE=1 FACE="VERDANA,ARIAL" COLOR=BLUE> ------------------------------------------------------- QAS Ltd. Registered in England: No 2582055 Registered in Australia: No 082 851 474 ------------------------------------------------------- </FONT> <FONT SIZE=1 FACE="VERDANA,ARIAL" COLOR=BLACK> Disclaimer: The information contained within this e-mail is confidential and may be privileged. This email is intended solely for the named recipient only; if you are not authorised you must not disclose, copy, distribute, or retain this message or any part of it. If you have received this message in error please contact the sender at once so that we may take the appropriate action and avoid troubling you further. Any views expressed in this message are those of the individual sender. QAS Limited has the right lawfully to record, monitor and inspect messages between its employees and any third party. Your messages shall be subject to such lawful supervision as QAS Limited deems to be necessary in order to protect its information, its interests and its reputation. Whilst all efforts are made to safeguard Inbound and Outbound emails, QAS Limited cannot guarantee that attachments are virus free or compatible with your systems and does not accept any liability in respect of viruses or computer problems experienced. </FONT> --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
