So, I'm working in an University setting, where someone else has set up Tomcat 4.03 and Apache 1.3 together, with the Apache SSL module and the Apache Kerberos 3rd party module installed. The Kerberos module sets the authenication header w/ a basic attribute and a representation of the kerberos key. It should, in theory, set the request.getRemoteUser() as well, but it is always null. So, the question:
Shouldn't Apache set the RemoteUser variable with basic authentication? Shouldn't it be passed in the header to tomcat? Why me? (ok, so that's rhetorical...) Any suggestions? Everything else works fine... Thanks in advance... Mike
