Re: How can I get the user value in the request forwarded to my Tomcat in my Java app?

Thu, 27 May 2010 08:17:08 -0700 

On 27.05.2010 16:42, Savoy, Melinda wrote:

In my isapi.log I am getting the user value (indicated below in BOLD RED font) 
from IIS using the Tomcat connector and my understanding from others on this 
list is that I should be able to get at that user value by using the 
HttpServletRequest getRemoteUser() however, I am getting a NULL value when 
doing that.  I'm sure I'm doing something stupid but I just can't see it.

Here is what is in my isapi.log:

[Thu May 27 09:11:21.706 2010] [4656:4920] [debug] jk_isapi_plugin.c (3108): 
Service protocol=HTTP/1.1 method=GET host=127.0.0.1 addr=127.0.0.1 
name=localhost port=80 auth=Negotiate user=TEXAS\SavoyM uri=/SCMIS/index.jsp

Here is the code I'm using in Java to get at the user value above:

public User authenticate(final HttpServletRequest request, final 
HttpServletResponse response) throws IOException {

                 // Initialize the User object
                 User user = null;

                 // 1. Initiate the IIS authentication process.
                 final String auth_user = request.getRemoteUser();
                 final String auth_user2 = request.getUserPrincipal().getName();

                 // 2. Create a User object with the user name
                 if (auth_user != null)
                         user = new User(auth_user, "");

                 // 3. Check to see if the user is populated
                 if (auth_user == null)
                         throw new UnauthorizedException(response, user);

                 // 4. Perform authentication if user not already authenticated
                 if (SecurityContext.getUser(request) == null) {
                         // a. Verify the user credentials
                         if (!manager.verify(user))
                                 return null;

                         // b. Load the application-managed User object and 
save into the context
                         user = manager.load(user);
                         SecurityContext.setUser(user, request);
                         return user;
                 }

                 return SecurityContext.getUser(request);
         }

As you can see I've also tried to get to the user by using the 
getUserPrincipal.getName() but that produces a NPE.

Any help or direction from someone who knows Java would be greatly appreciated.
Please post the complete settings of your AJP Connector element in server.xml. We want to check your "tomcatAuthentication" setting. 

What happens, if you put

<%=request.getremoteUser()%>
as the only content into SCMIS/index.jsp and then request the URL http://localhost/SCMIS/index.jsp in the browser? How does the above log line look, and what do you get in the browser window? 

Regards,

Rainer


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to