>From: Marc Boorshtein [mailto:mboorsht...@gmail.com] >Subject: Re: Still having problem retrieving user value from ISAPI >Filter for authentication > >> >> Unless you are going to authenticate via one of Tomcat's >authentication methods; BASIC, FORM, etc, then getRemoteUser() is going >to return null. >> >> You'll need to add a security constraint, login-config and security- >role to your web.xml to test getRemoteUser(); in just Tomcat. >> > >This shouldn't be the case since she put tomcatAuthentication="false" >tomcat should be taking the username from the JK_REMOTE_USER >attribute. > >Marc
Doesn't the url mapping in the uriworkermap.properties file interrupt IIS from passing authentication to Tomcat? If you restrict access to a virtual directory in IIS, mapped to a servlet or webapp in Tomcat, and there is a URL for that servlet/webapp in uriworkermap.properties, wouldn't Tomcat allow access even though IIS attempts to say no? I still have a server with IIS and the isapi_redirect.dll "Jakarta filter" running internally. I created a new website in IIS, called test, using IIS port 8088, mapped to the examples directory in Tomcat 6.0.26 (Tomcat's HTTP port is still 8080) I added the "Jakarta" virtual directory to test. I removed anonymous access and checked integrated windows security for test. http://localhost:8088 supply credentials of user not allowed to this directory - yields no access. http://localhost:8088/examples I get right through, no challenge from IIS. http://localhost:8088 supply credentials of user allowed, snoop JSP works, but Remote User is null. Everything else in snoop output had a value. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
