I am trying to authenticate via Apache and use getRemoteUser in Tomcat. I want to serve static pages via Apache and run a web application through Tomcat. I am receiving a null for getRemoteUser in my simple Spy servlet. I have read in different places where the AJP connector requires the keyword "tomcatAuthentication" and other places where it says "request.tomcatAuthentication". I'm not sure whether I the security constraints define in the application's web.xml. I'm not even sure if I have to use a Location to secure the application, although that seemed to get me closest. In any case, I've tried lots of combinations:
1. tomcatAuthentication vs. request.tomcatAuthentication 2. Security constraints in the application web.xml vs. no constraints I've tried the four combinations of the above along with others. Supplying an authentication realm to the Location got me challenged when I tried to launch the servlet. That's the closest I've gotten, and changes to the other options above seem to make no difference. In the mod_jk.log file, I see the user ID being passed to the connector. I just don't see it in getRemoteUser in the servlet. Here are the last lines of the request from the mod_jk.log: 05 00 1E 42 61 73 69 63 20 53 6D 39 6C 49 46 42 - ...Basic.Sm9lIFB 73 64 58 52 68 4F 6D 46 77 59 57 4E 6F 5A 58 42 - sdXRhOmFwYWNoZXB 33 00 A0 08 00 01 30 00 03 00 09 4A 6F 65 20 50 - 3.....0....Joe.P 6C 75 74 61 00 04 00 05 42 61 73 69 63 00 FF 00 - luta....Basic... But the Spy servlet shows the remote user as null. (Interestingly, getRemoteHost and getRemoteAddr return valid information.) I'm out of ideas. Any help would be GREATLY appreciated. Joe My environment (Apache software are all binaries): Win2K3 Server JavaEE5 Apache 2.2.3 (Win32/x86) Tomcat 5.5.20 Mod_jk 2.2.3 In server.xml: <!-- Define an AJP 1.3 Connector on port 8009 --> <Connector port="8009" request.tomcatAuthentication="false" enableLookups="false" redirectPort="8443" protocol="AJP/1.3" /> In web.xml for application NBSDev: <!-- Define a Security Constraint on this Application --> <security-constraint> <web-resource-collection> <web-resource-name>PWA Resources</web-resource-name> <url-pattern>/servlet/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>pwa</role-name> </auth-constraint> </security-constraint> <!-- Define the Login Configuration for this Application --> <login-config> <auth-method>BASIC</auth-method> <realm-name>PICS Web Access (NBS1)</realm-name> </login-config> <!-- Security roles referenced by this web application --> <security-role> <description> The role that is required to log in to PWA </description> <role-name>pwa</role-name> </security-role> In workers.properties: # BEGIN workers.properties # Definition for Ajp13 worker worker.list=ajp13 worker.ajp13.port=8009 worker.ajp13.host=localhost worker.ajp13.type=ajp13 # END workers.properties In httpd.conf: ########## Auto generated on Sat Oct 07 10:16:25 CDT 2006########## # TOMCAT <Location "/NBSDev"> AllowOverride None AuthName "Web Access" AuthGroupFile conf/groups.acl AuthUserFile conf/users.acl AuthType Basic require valid-user Order allow,deny Allow from All </Location> <IfModule !mod_jk.c> LoadModule jk_module "D:/Apache/Apache/modules/mod_jk.so" # Where to find the workers file JkWorkersFile /Apache/Apache/conf/workers.properties # Where to put jk logs JkLogFile /Apache/Apache/logs/mod_jk.log # Set the jk log level [debug/error/info] JkLogLevel debug # Select the log format JkLogStampFormat "[%a %b %d %H:%M:%S %Y] " # JkOptions indicate to send SSL KEY SIZE, # JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories # JkRequestLogFormat set the request format JkRequestLogFormat "%w %V %T" # Send EVERYTHING for context /NBSDev to worker named ajp13 JkMount /NBSDev/* ajp13 ### Below commented for testing # Send servlet for context /NBSDev to worker named ajp13 # JkMount /NBSDev/servlet/* ajp13 # Send JSPs for context /NBSDev to worker named ajp13 # JkMount /NBSDev/*.jsp ajp13 </IfModule> --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]