What I finally did was remove my filter from the web.xml file all together and
I have a TEST index.jsp page that only contains the following:
<%...@page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>
Here is my userid + <%=request.getRemoteUser()%>
I got to my INDEX page.
So that my app would go straight to the index.jsp page above and when I got the
index.jsp page up on my browser this is what I saw:
Here is my userid + null I got to my INDEX page.
So it would appear that the ISAPI filter is NOT integrated with my Tomcat
server completely even though in the ISAPI log it shows the following:
[Mon Jun 21 16:01:43.750 2010] [5608:1984] [debug] jk_isapi_plugin.c (1835):
Filter started
[Mon Jun 21 16:01:43.750 2010] [5608:1984] [debug] jk_uri_worker_map.c (1036):
Attempting to map URI '/localhost/SCMIS/index.jsp' from 3 maps
[Mon Jun 21 16:01:43.750 2010] [5608:1984] [debug] jk_uri_worker_map.c (850):
Attempting to map context URI '/jkmanager=jkstatus' source 'uriworkermap'
[Mon Jun 21 16:01:43.750 2010] [5608:1984] [debug] jk_uri_worker_map.c (850):
Attempting to map context URI '/*.action=scmisWorker' source 'uriworkermap'
[Mon Jun 21 16:01:43.750 2010] [5608:1984] [debug] jk_uri_worker_map.c (850):
Attempting to map context URI '/*.jsp=scmisWorker' source 'uriworkermap'
[Mon Jun 21 16:01:43.750 2010] [5608:1984] [debug] jk_uri_worker_map.c (863):
Found a wildchar match '/*.jsp=scmisWorker'
[Mon Jun 21 16:01:43.766 2010] [5608:1984] [debug] jk_isapi_plugin.c (1916):
check if [/SCMIS/index.jsp] points to the web-inf directory
[Mon Jun 21 16:01:43.766 2010] [5608:1984] [debug] jk_isapi_plugin.c (1932):
[/SCMIS/index.jsp] is a servlet url - should redirect to scmisWorker
[Mon Jun 21 16:01:43.766 2010] [5608:1984] [debug] jk_isapi_plugin.c (1972):
fowarding escaped URI [/SCMIS/index.jsp]
[Mon Jun 21 16:01:43.766 2010] [5608:1984] [debug] jk_isapi_plugin.c (2792):
Reading extension header HTTP_TOMCATWORKER6A6B0000: scmisWorker
[Mon Jun 21 16:01:43.766 2010] [5608:1984] [debug] jk_isapi_plugin.c (2793):
Reading extension header HTTP_TOMCATWORKERIDX6A6B0000: 2
[Mon Jun 21 16:01:43.766 2010] [5608:1984] [debug] jk_isapi_plugin.c (2794):
Reading extension header HTTP_TOMCATURI6A6B0000: /SCMIS/index.jsp
[Mon Jun 21 16:01:43.766 2010] [5608:1984] [debug] jk_isapi_plugin.c (2795):
Reading extension header HTTP_TOMCATQUERY6A6B0000: (null)
[Mon Jun 21 16:01:43.766 2010] [5608:1984] [debug] jk_isapi_plugin.c (2850):
Applying service extensions
[Mon Jun 21 16:01:43.766 2010] [5608:1984] [debug] jk_isapi_plugin.c (3108):
Service protocol=HTTP/1.1 method=GET host=127.0.0.1 addr=127.0.0.1
name=localhost port=80 auth=NTLM user=TEXAS\SavoyM uri=/SCMIS/index.jsp
[Mon Jun 21 16:01:43.766 2010] [5608:1984] [debug] jk_isapi_plugin.c (3120):
Service request headers=8 attributes=0 chunked=no content-length=0 available=0
[Mon Jun 21 16:01:43.766 2010] [5608:1984] [debug] jk_worker.c (116): found a
worker scmisWorker
[Mon Jun 21 16:01:43.766 2010] [5608:1984] [debug] jk_isapi_plugin.c (2162):
got a worker for name scmisWorker
[Mon Jun 21 16:01:43.766 2010] [5608:1984] [debug] jk_ajp_common.c (3093):
acquired connection pool slot=0 after 0 retries
[Mon Jun 21 16:01:43.766 2010] [5608:1984] [debug] jk_ajp_common.c (605): ajp
marshaling done
[Mon Jun 21 16:01:43.766 2010] [5608:1984] [debug] jk_ajp_common.c (2376):
processing scmisWorker with 2 retries
I am just not sure if the ISAPI log shows the info above why it is not
integrated properly. I am at a total loss at this point.
Any help would be appreciated.
Thank you.
-----Original Message-----
From: Savoy, Melinda
Sent: Monday, June 21, 2010 12:55 PM
To: 'Tomcat Users List'
Subject: Problem retrieving domain\userid from HttpServletRequest object
I am on what I hope is the last issue in trying to get authentication completed
on the IIS-Tomcat integration.
I have the ISAPI filter loaded and appears to be working properly per the ISAPI
log. IIS is sending the NTLM authorization header with the encrypted
domain\username and the ISAPI filter log shows the request info but I cannot
pick it up from the HttpFilter class below in the ServletRequest parameter.
The HttpFilter class that my application uses (using the Tomcat ServletRequest
object) to authenticate from the HttpServletRequest req as follows below does
NOT contain the domain\username when I issue the getRemoteUser() or the
getUserPrincipal.getName() methods because both come back as NULL:
public final void doFilter(final ServletRequest request, final ServletResponse
response, final FilterChain chain) throws IOException, ServletException {
final HttpServletRequest req = (HttpServletRequest) request;
final HttpServletResponse resp = (HttpServletResponse) response;
String userID = req.getRemoteUser();
String userID2 = req.getUserPrincipal.getName();
try {
execute(req, resp);
} catch (FilterInterruptException e) {
return;
} catch (Exception e) {
log.severe(new HttpRequestDebugger(req).toString());
throw new ServletException(e);
}
chain.doFilter(request, response);
this.afterChain(req, resp);
}
I am using version Apache Tomcat 6.0.18.
Any suggestions on how to get to this info within JAVA. I cannot get to my
TEST index.jsp page that just shows the value for the userid because I cannot
get past this filter first and that is why I'm getting 401.2 errors back in my
browser.
Thank you.
Melinda Savoy
Sr. Programmer Analyst, ERP Systems
Innovative Technology Solutions
Texas Health Resources
600 E. Lamar Blvd, Ste 301, Arlington TX 76011
melindasa...@texashealth.org<mailto:melindasa...@texashealth.org>
Texas Health Resources: Arlington Memorial,
Harris Methodist and Presbyterian Hospitals
A shared mission and now a shared name.
The information contained in this message and any attachments is intended only
for the use of the individual or entity to which it is addressed, and may
contain information that is PRIVILEGED, CONFIDENTIAL, and exempt from
disclosure under applicable law. If you are not the intended recipient, you
are prohibited from copying, distributing, or using the information. Please
contact the sender immediately by return e-mail and delete the original message
from your system.
The information contained in this message and any attachments is intended only
for the use of the individual or entity to which it is addressed, and may
contain information that is PRIVILEGED, CONFIDENTIAL, and exempt from
disclosure under applicable law. If you are not the intended recipient, you
are prohibited from copying, distributing, or using the information. Please
contact the sender immediately by return e-mail and delete the original message
from your system.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
