Nikhil schrieb:
On Wed, Jul 16, 2008 at 2:52 PM, Rainer Jung <[EMAIL PROTECTED]>
wrote:
To repeat two of my questions:
What do you expect to be the value of the 'REMOTE_USER' variable?
Do you expect something else, than what you get from
request.getRemoteUser()?
After I understand that, we can find an appropriate solution.
Regards,
Rainer
Hi Rainer,
REMOTE_USER variable value is always expected to be as set by the httpd
process and passed onto the tomcat.
Do you expect something else, than what you get from
request.getRemoteUser()?
No, but I would not want to have this method invoked everytime I want to
know a logged in account instead an already set (global) variable value
(preferrably by httpd and passed onto the tomcat) would do.
OK. REMOTE_USER goes back to the times oF CGI. At that time the web
server could only pass along information to the CGI process via
environmnt variables, because it had to start an external process for
doing CGI.
The servlet spec tries to make the same information available in the
context of a java web container. The correct way of retrieving the name
of the authenticated user from the container *is*
request.getRemoteUser(). In java you would nearly always implement a
"global variable" as a member of some object, which you retrieve via a
getter function. request.getRemoteUser() is the right and standards
conforming way to do it.
When the web container has a web server in front, e.g. Apache httpd and
a connection component like mod_jk, usually the combination tries to
hide the information, that the architecture is more complex, from the
webapp developer. So Apache/mod_jk/Tomcat correctly configured provide
the user name authenticated by httpd to the webapp in exactly the same
way, as it would be seen without Apache and mod_jk. That way the
developer doesn't have to know the details. So using
request.gerRemoteUser() still is the correct way.
The only thing to configure is tomcatAuthentiction="false" in order to
tell Tomcat to trust the authentication done by Apache and not try to do
authentication itself.
Regards,
Rainer
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]