Re: SSO and Tomcat/IIS

[Brien Dieterle]

** We created an "arsys" folder within IIS, and uncheck enable anonymous.  I think your user is getting to tomcat as anonymous, and hence the RemoteUser is null... Brien On 1/21/2011 1:05 PM, sphilben wrote: ** Listers:   I am having nothing but problems with SSO and Tomcat and IIS.   Here is the environment.   Windows Server 2003   ARS 7.5 p007   MidTier 7.5 p007   Apache 5.5.28   IIS 6   I followed the instructions included in the AREA_SSO_ALL_v206MT_v209AREA zip file. I put all the relevant files in the relevant places and updated the ar.cfg, areasso.cfg, sso.poperties, and server.xml (in the tomcat conf directory) files.   Now when I try to log in to the http://server/arsys/home URL, I get the login page and do not automatically log in. I do have this running fine on a different server so I know it works in our environment. When I look at the midtier logs, I see the following:   FINE (com.remedy.log.SERVLET) : GoatServlet: url="" class="moz-txt-link-freetext" href="http://servername/arsys/home">http://servername/arsys/home FINE (com.remedy.log.SERVLET) : cookie=IP-Restriction-GUID="de7761d6bb1fefd3:-6979205e:12da4e6c608:-8000" FINE (com.remedy.log.SERVLET) : GoatServlet: No session or new session FINE (com.remedy.log.SESSION) : Login: establishing Session FINE (com.remedy.log.SESSION) : SSO ERROR: RemoteUser name is null or empty. Using default login page FINE (com.remedy.log.SESSION) : Login: Custom authenticator failed. Trying default authenticator FINE (com.remedy.log.SESSION) : DefaultAuthenticator: Credentials requested FINE (com.remedy.log.SESSION) : DefaultAuthenticator.redirectToLogin: url="">   So SSO is not getting RemoteUser name. Not sure what that means or how I can fix it but it has become annoying.   And, yes, I did change the server.xml file in the apache conf directory to read: <!--  Define an AJP 1.3 Connector on port 8009 -->   <Connector URIEncoding="UTF-8" enableLookups="false" tomcatAuthentication="false" port="8029" protocol="AJP/1.3" redirectPort="8443" />   So I know that Tomcat is not trying to authenticate. IIS should be.   In IIS I have "Enable anonymous access" checked and "Integrated Windows authentication" checked.   I also pointed my working MidTier server to this new upgrded AR Server and added the IP to the areasso.cfg on the AR Server and everything worked fine. This tells me the AR Server side stuff is working but not the new MidTier. Are there Windows settings or something else on the "new" MidTier I should be checking? Does anyone have any ideas on this error? _attend WWRUG11 www.wwrug.com ARSlist: "Where the Answers Are"_ _attend WWRUG11 www.wwrug.com ARSlist: "Where the Answers Are"_