Re: [users@httpd] accessing REMOTE_USER through an Apache proxy

Fri, 30 Oct 2009 10:02:10 -0700 

On Oct 30, 2009, at 12:49 PM, André Warnier wrote:

Glad to have been of help.
One more nitpick however, below, lest you remain partly confused.



Yes, indeed.  I was confused by the "Same as the value of the CGI  
variable REMOTE_USER." statement in the  
HttpServletRequest.getRemoteUser javadoc, but you have again helped  
explain that.


Thanks again,
Devin



Devin Bougie wrote:
...

With the latest posted configuration,

I am able to see the REMOTE_USER HTTP header from the backend  
GlassFish Web Application (using HttpServletRequest.getHeader 
("REMOTE_USER")).

OK, and correct.

 As

you explain, HttpServletRequest.getRemoteUser and getUserPrincipal  
both return null because they are looking for the REMOTE_USER cgi- 
bin environment variable.

No, they are not.

A cgi-bin environment variable is only set by a webserver when  
running a cgi-bin program.
A servlet is not a cgi-bin program, and the servlet container which  
runs it, does not set any "environment variables" for the servlet.
If HttpServletRequest.getRemoteUser and  
HttpServletRequest.getUserPrincipal return null, it is because they  
both look into the UserPrincipal object, which is probably not set,  
because you have not done any authentication (yet) in your servlet  
container.



You have just read a HTTP header, and gotten back a String as a  
result.  That does not, for the servlet container, constitute reason  
enough to take that String, consider it as a bona fide user-id, and  
set it into the UserPrincipal object so that  
HttpServletRequest.getRemoteUser would nicely return it. Hence the  
nulls.


So it looks like you still have some work to do.
But that is now a question which belongs to the GlassFish forum.


---------------------------------------------------------------------

The official User-To-User support forum of the Apache HTTP Server  
Project.

See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
 "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

























					Reply via email to