Thanks Leo. I've got the same setup in IIS regarding integrated windows security. However, IIS is on port 80 and Tomcat is on 9080 so as not to conflict.
IIS is giving the ISAPI filter the user info that I'm looking for as indicated in the ISAPI log. Thanks for trying. It's appreciated. -----Original Message----- From: Leo Donahue - PLANDEVX [mailto:leodona...@mail.maricopa.gov] Sent: Tuesday, June 22, 2010 6:13 PM To: 'Tomcat Users List' Subject: RE: OT RE: Still having problem retrieving user value from ISAPI Filter for authentication >From: Leo Donahue - PLANDEVX [mailto:leodona...@mail.maricopa.gov] >Subject: OT RE: Still having problem retrieving user value from ISAPI >Filter for authentication >> >Doesn't the url mapping in the uriworkermap.properties file interrupt >IIS from passing authentication to Tomcat? > >If you restrict access to a virtual directory in IIS, mapped to a >servlet or webapp in Tomcat, and there is a URL for that servlet/webapp >in uriworkermap.properties, wouldn't Tomcat allow access even though IIS >attempts to say no? > >I still have a server with IIS and the isapi_redirect.dll "Jakarta >filter" running internally. > >I created a new website in IIS, called test, using IIS port 8088, mapped >to the examples directory in Tomcat 6.0.26 (Tomcat's HTTP port is still >8080) >I added the "Jakarta" virtual directory to test. >I removed anonymous access and checked integrated windows security for >test. > >http://localhost:8088 supply credentials of user not allowed to this >directory - yields no access. >http://localhost:8088/examples I get right through, no challenge from >IIS. > >http://localhost:8088 supply credentials of user allowed, snoop JSP >works, but Remote User is null. Everything else in snoop output had a >value. > I stand corrected, as usual. Snoop JSP does display my login info. However, my browser is now set to supply credentials for internal sites. "Automatic login only in Intranet zone". IE 7 Internet Options Security Custom Level Scroll all the way down to User Authentication. isapi_redirect.dll version 1.2.27 IIS 6.0 Windows Server 2003 http://localhost:8088/examples/jsp/snp/snoop.jsp Request Information JSP Request Method: GET Request URI: /examples/jsp/snp/snoop.jsp Request Protocol: HTTP/1.1 Servlet path: /jsp/snp/snoop.jsp Path info: null Query string: null Content length: 0 Content type: null Server name: server name Server port: 8088 Remote user: PLANDEV\donahuel Remote address: my ip Remote host: my ip Authorization scheme: Negotiate Locale: en_US --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org The information contained in this message and any attachments is intended only for the use of the individual or entity to which it is addressed, and may contain information that is PRIVILEGED, CONFIDENTIAL, and exempt from disclosure under applicable law. If you are not the intended recipient, you are prohibited from copying, distributing, or using the information. Please contact the sender immediately by return e-mail and delete the original message from your system. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
