Hello Mark,André,
No success on my side for SSO, I have installed 9.0.26 and changed the config
according to this mail but no success.
Regards, Heidi Leerink - Duverger
-----Oorspronkelijk bericht-----
Van: Mark Thomas <ma...@apache.org>
Verzonden: dinsdag 10 september 2019 18:07
Aan: users@tomcat.apache.org
Onderwerp: Re: SSO fails on Tomcat 9
On 10/09/2019 16:47, André Warnier (tomcat) wrote:
> On 10.09.2019 15:38, Mark Thomas wrote:
>> On 06/09/2019 13:20, Heidi Leerink - Duverger wrote:
>>> Hello Mark,
>>>
>>> That helps somewhat, my browser now shows the login page for our
>>> application, BUT I do not get my username in HTTP variable
>>> REMOTE_USER but the principal keytab related name.
>>>
>>> So instead of hduverge I get HTTP/nlsl-decadetst.u4agr.com@U$AGR.COM
>>
>> The Tomcat Authenticator takes care of validating the user. In the
>> configuration you provided the JAASRealm is - effectively -
>> (re-)validating the contents of the keytab file. That is why you see
>> the keytab principal as the authenticated user.
>>
>> Try replacing the JAASRealm with the AuthenticatedUserRealm.
>> Something
>> like:
>>
>> <Realm className="org.apache.catalina.realm.JAASRealm"
>> allRolesMode="authOnly"
>
> Mmm. That looks like a typo, likely to confuse this OP even more, no ?
Yep. Copy paste error. Should be:
<Realm className="org.apache.catalina.realm.AuthenticatedUserRealm"
allRolesMode="authOnly" />
Tx.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
