> It looks like you accidently removed the empty string check needed here for > ajp.RemoteUser (). > ajp.RemoteUser () should probably also be checked whether it is null before > calling toString.
No, I did it on purpose. It's a lot better to have the user set the behavior of the connector here. Since you want TC to authenticate the users, you don't have to do anything. OTOH, if you want the native webserver to authenticate, you should set the 'tomcatAuthentication' attribute to 'false' on the Connector element. As pointed out by Nacho, it makes the connector predictable. Also, the check for ajp.remoteUser() being equal to null is there (but obviously, it's only needed when 'tomcatAuthentication' is false). Remy -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
