RE: IIS + Tomcat 5.0 + NT authentication AUTH_USER

Thu, 08 Jan 2004 14:45:28 -0800 

See if request.getHeader("Authorization") gives you anything.  That is what I have 
been using with IIS and Tomcat 4.X.  The data is Base64 encoded, but I have some code 
to grab the username and password from that if you need it.

-Brian

-----Original Message-----
From: Jason Wilson [mailto:[EMAIL PROTECTED] 
Sent: Thursday, January 08, 2004 12:54 PM
To: [EMAIL PROTECTED]
Subject: IIS + Tomcat 5.0 + NT authentication AUTH_USER


Hi,
 
I'm using 
  Tomcat 5.0.16
  connector-jk-2.0.2-win32-iis
  IIS 5.0

Currently my application is running under IIS + ColdFusion(Jrun), but will be 
migrating to a IIS/Tomcat server.  Since this is an intranet application on an NT 
network, where it is a requirement to have the users not have to implicitly logon, I 
am using NT authentication with IIS.  In other words, for the virtual directory, I 
have set the Anonomous access off, and Integrated Windows Authenticated on. 

In the IIS + ColdFusion setup, my servlet does a 
request.getHeader("AUTH_USER"); and this returns the domain/userid of the person 
logged into the client machine.  Then I can verify the user is allowed to use the 
application.  All is well.

However, in the IIS + Tomcat setup,
getHeader("AUTH_USER") is returning null.  I have
tried other header keys and get null also.

Also, I am sure IIS is authenticating the user, since
I cannot get to the application using a browser that
doesn't support the windows authentication.

So, it appears, for some reason, the connector is not
setting the AUTH_USER header when it transfers to the
Tomcat container.

Does anyone know how I can fix this so it does, or if
there is anything I might be doing wrong.

Thanks in advance,
Jason


__________________________________
Do you Yahoo!?
Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes 
http://hotjobs.sweepstakes.yahoo.com/signingbonus

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to