Hi Piccoli & Group, Yes, it works (-ish) with request.tomcatAuthentication=false, but despite of what the switch should do, the Tomcat is still Requesting a full groups-list from the DC / AD every time, even if the IIS has already done the auth. On big systems this creates a not bearable network load and delay.
Is this a known prob ? Is my version/config wrong or is it meant to do that ? If yes, why ? -- Björn Andersen _____________________________ Webservices > -----Ursprüngliche Nachricht----- > Von: Piccoli, Lucio [mailto:[EMAIL PROTECTED] > Gesendet: Dienstag, 9. März 2004 00:06 > An: Tomcat Users List > Betreff: RE: JK contra JK2 with IIS-Authentification > > Have you tried the setting in jk2.proprties > > #gets tomcat to obtain authentication from jk which gets from > IIS request.tomcatAuthentication=false > > > -lp > > -----Original Message----- > > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > > Sent: Monday, 8 March 2004 10:23 PM > > To: [EMAIL PROTECTED] > > Subject: JK contra JK2 with IIS-Authentification > > > > Hi Group, > > > > We used JK 1.2.5 isapi-redirector in our IIS. The IIS > authenticates the > > Users against the domain, and many applications take this info from > > request.getremoteuser and work with it. > > > > With JK2, this doesn't work any more. There is no Username passed to > > Tomcat. > > > > Why? Or anybody knows a workaround? > > > > Thanx for your braintime.. > > -- > > Björn Andersen > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]