Hi Team, We are currently working on "Apache Tomcat Version 8.0.22". We are using Apache to host javacontainer for Rest calls for our Siebel application. The javacontainer is listening to Port 9001 as below-
<Connector port="9001" redirectPort="8443" connectionTimeout="20000" protocol="HTTP/1.1"/> We are trying to setup Windows Authentication in Apache by using Reverse Proxy with IIS, and have followed the below steps as per the Apache documentation. ---Steps followed : There are three steps to configuring IIS to provide Windows authentication. They are: 1. Configure IIS as a reverse proxy for Tomcat (see the IIS Web Server How-To). ---- This is done and working as expected 2. Configure IIS to use Windows authentication ---- This is done and working as expected 3. Configure Tomcat to use the authentication user information from IIS by setting the tomcatAuthentication attribute on the AJP connector to false. Alternatively, set the tomcatAuthorization attribute to true to allow IIS to authenticate, while Tomcat performs the authorization. Q1 ---- We were able to configure the reverse proxy with Anon user but the Windows authentication is failing at Apache level with below error :- Thread[http-nio-9001-exec-15,5,main] [2017-12-27 13:17:12.637] [null] Error while login : The username cannot be empty. Please select a username. Q2 ---- Our configuration is using "HTTP" protocol, do we need to change the server.xml entry for 9001 to use AJP protocol and then add entry " tomcatAuthentication=False" Q3 ---- Do we need to install AJP connector on top of Tomcat or its installed by default, or we do not need it for Windows Authentication. Thanks & Regards, Suraj Agrawal -----Original Message----- From: users-h...@tomcat.apache.org [mailto:users-h...@tomcat.apache.org] Sent: Wednesday, January 3, 2018 12:03 PM To: Agrawal, Suraj (CORP) <suraj.agra...@adp.com> Subject: WELCOME to users@tomcat.apache.org Hi! This is the ezmlm program. I'm managing the users@tomcat.apache.org mailing list. I'm working for my owner, who can be reached at users-ow...@tomcat.apache.org. Acknowledgment: I have added the address suraj.agra...@adp.com to the users mailing list. Welcome to users@tomcat.apache.org! Please save this message so that you know the address you are subscribed under, in case you later want to unsubscribe or change your subscription address. --- Administrative commands for the users list --- I can handle administrative requests automatically. Please do not send them to the list address! Instead, send your message to the correct command address: To subscribe to the list, send a message to: <users-subscr...@tomcat.apache.org> To remove your address from the list, send a message to: <users-unsubscr...@tomcat.apache.org> Send mail to the following for info and FAQ for this list: <users-i...@tomcat.apache.org> <users-...@tomcat.apache.org> Similar addresses exist for the digest list: <users-digest-subscr...@tomcat.apache.org> <users-digest-unsubscr...@tomcat.apache.org> To get messages 123 through 145 (a maximum of 100 per request), mail: <users-get.123_...@tomcat.apache.org> To get an index with subject and author for messages 123-456 , mail: <users-index.123_...@tomcat.apache.org> They are always returned as sets of 100, max 2000 per request, so you'll actually get 100-499. To receive all messages with the same subject as message 12345, send a short message to: <users-thread.12...@tomcat.apache.org> The messages should contain one line or word of text to avoid being treated as sp@m, but I will ignore their content. Only the ADDRESS you send to is important. You can start a subscription for an alternate address, for example "john@host.domain", just add a hyphen and your address (with '=' instead of '@') after the command word: <users-subscribe-john=host.dom...@tomcat.apache.org> To stop subscription for this address, mail: <users-unsubscribe-john=host.dom...@tomcat.apache.org> In both cases, I'll send a confirmation message to that address. When you receive it, simply reply to it to complete your subscription. If despite following these instructions, you do not get the desired results, please contact my owner at users-ow...@tomcat.apache.org. Please be patient, my owner is a lot slower than I am ;-) --- Enclosed is a copy of the request I received. Return-Path: <suraj.agra...@adp.com> Received: (qmail 46578 invoked by uid 99); 3 Jan 2018 17:02:40 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 03 Jan 2018 17:02:40 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id 0FA551805A5 for <users-sc.1514998812.mddjdmnglleomhdaalpi-suraj.agrawal=adp....@tomcat.apache.org>; Wed, 3 Jan 2018 17:02:40 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -2.311 X-Spam-Level: X-Spam-Status: No, score=-2.311 tagged_above=-999 required=6.31 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=disabled Authentication-Results: spamd3-us-west.apache.org (amavisd-new); dkim=pass (2048-bit key) header.d=es.adp.com Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024) with ESMTP id VFHSDlZ9kk9y for <users-sc.1514998812.mddjdmnglleomhdaalpi-suraj.agrawal=adp....@tomcat.apache.org>; Wed, 3 Jan 2018 17:02:37 +0000 (UTC) Received: from mail4-6.adp.com (mail4-6.adp.com [170.146.221.105]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTPS id 9A4315FB29 for <users-sc.1514998812.mddjdmnglleomhdaalpi-suraj.agrawal=adp....@tomcat.apache.org>; Wed, 3 Jan 2018 17:02:37 +0000 (UTC) Received: from pps.filterd (dc2prppedgevm06.sd.adp.com [127.0.0.1]) by dc2prppedgevm06.sd.adp.com (8.16.0.21/8.16.0.21) with SMTP id w03GvxXt011778 for <users-sc.1514998812.mddjdmnglleomhdaalpi-suraj.agrawal=adp....@tomcat.apache.org>; Wed, 3 Jan 2018 11:02:31 -0600 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=es.adp.com; h=from : to : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=2013-03; bh=aP5VBhFXgJhRyaRmb2T5ltGt/4Mv6AIvp4DB+4uULA0=; b=cSpf/vMw+LoBgf6quydKf8gNyybQhXN6Wh7LWaKI3I1FNPFXpgfm3XIoIM3tqGV3BBPZ n/FajyhvuuVMAjSaLeXMOw8HdOPObRpCPuZj8+HoBLIHCJp/v3yqDHWf+5tgPsaKoixf xXOMrjbTSofmv26WqLXXet6L1EPvCVgzYbGbkjOCsGsThX1MznHAUPWLArnGZAICScxb PVLzDGDi81nqGv8gDmhZufpOJL5wOz5OMpetvZRc1rA4P+MiLmCI/2dqdR+cSmnTsHWw diV5ODor6I7RB9mGAp8VaNrLIgjxUaD4LIOqd8hqTte9HDA0HW6PR8cRlmr6BvkupSTv jQ== Received: from dc2prmbx02p.es.ad.adp.com ([11.2.5.19]) by dc2prppedgevm06.sd.adp.com with ESMTP id 2f67w8ndn2-4 for <users-sc.1514998812.mddjdmnglleomhdaalpi-suraj.agrawal=adp....@tomcat.apache.org>; Wed, 03 Jan 2018 11:02:31 -0600 Received: from DC2PRMBX05A.ES.AD.ADP.com ([fe80::1e1:f4e3:4aed:9909]) by DC2PRMBX02P.ES.AD.ADP.com ([fe80::695f:11b4:5169:ada6%18]) with mapi id 14.03.0352.000; Wed, 3 Jan 2018 12:02:26 -0500 From: "Agrawal, Suraj (CORP)" <suraj.agra...@adp.com> To: "users-sc.1514998812.mddjdmnglleomhdaalpi-suraj.agrawal=adp....@tomcat.apache.org" <users-sc.1514998812.mddjdmnglleomhdaalpi-suraj.agrawal=adp....@tomcat.apache.org> Subject: RE: confirm subscribe to users@tomcat.apache.org Thread-Topic: confirm subscribe to users@tomcat.apache.org Thread-Index: AQHThLRUpZwjd7YbAkO+bYwSp9hqOqNiX7Vw Date: Wed, 3 Jan 2018 17:02:25 +0000 Message-ID: <2805d71e9491ee47a22b0e5af800d128318...@dc2prmbx05a.es.ad.adp.com> References: <1514998812.39535.ez...@tomcat.apache.org> In-Reply-To: <1514998812.39535.ez...@tomcat.apache.org> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [11.10.48.211] x-originalrecipientaddress: users-sc.1514998812.mddjdmnglleomhdaalpi-suraj.agrawal=adp....@tomcat.apache.org Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:,, definitions=2018-01-03_12:,, signatures=0 ---------------------------------------------------------------------- This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, notify the sender immediately by return email and delete the message and any attachments from your system. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
