Hello Mark,André, No success on my side for SSO, I have installed 9.0.26 and changed the config according to this mail but no success.
Regards, Heidi Leerink - Duverger -----Oorspronkelijk bericht----- Van: Mark Thomas <ma...@apache.org> Verzonden: dinsdag 10 september 2019 18:07 Aan: users@tomcat.apache.org Onderwerp: Re: SSO fails on Tomcat 9 On 10/09/2019 16:47, André Warnier (tomcat) wrote: > On 10.09.2019 15:38, Mark Thomas wrote: >> On 06/09/2019 13:20, Heidi Leerink - Duverger wrote: >>> Hello Mark, >>> >>> That helps somewhat, my browser now shows the login page for our >>> application, BUT I do not get my username in HTTP variable >>> REMOTE_USER but the principal keytab related name. >>> >>> So instead of hduverge I get HTTP/nlsl-decadetst.u4agr.com@U$AGR.COM >> >> The Tomcat Authenticator takes care of validating the user. In the >> configuration you provided the JAASRealm is - effectively - >> (re-)validating the contents of the keytab file. That is why you see >> the keytab principal as the authenticated user. >> >> Try replacing the JAASRealm with the AuthenticatedUserRealm. >> Something >> like: >> >> <Realm className="org.apache.catalina.realm.JAASRealm" >> allRolesMode="authOnly" > > Mmm. That looks like a typo, likely to confuse this OP even more, no ? Yep. Copy paste error. Should be: <Realm className="org.apache.catalina.realm.AuthenticatedUserRealm" allRolesMode="authOnly" /> Tx. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org