I use IIS 10.0 as a reverse proxy of Tomcat 7. IIS 10.0 use Windows Authentication. When I run the javax.servlet.http.HttpServletRequest.getAuthType() method I get the null value. When I run the javax.servlet.http.HttpServletRequest.getRemoteUser() method I get the null value. Using IIS 6.1 with the same version of Tomcat everything works fine. When I run the javax.servlet.http.HttpServletRequest.getAuthType() method I get "NTLM" string. When I run the javax.servlet.http.HttpServletRequest.getRemoteUser() method I get the name of the user who authenticated with IIS. The configuration of the two versions of IIS appears to be the same. Seems to be missing some AJP headers including: remote_user (0x03) and auth_type (0x04) which instead are sent from IIS 6.1.
Below isapi connector debug log (auth and user are null): Fri Jul 09 17:00:52.743 2021] [4608:4712] [debug] init_ws_service::jk_isapi_plugin.c (3295): Service protocol=HTTP/1.1 method=GET host=10.10.12.102 addr=10.10.12.102 name=qa-b2b.dasitgroup.it port=443 auth=(null) user=(null) uri=/s2wweb/faces/login.xhtml Product: Tomcat Connectors Component: isapi Version: 1.2.48 Windows version: Windows Server 2016 IIS Version: 10.0 Tomcat version: 7 Thank you, Paolo Clerici --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
