Let me ask another question if I might in addition to the one below: In my ISAPI log it shows:
[Wed Jun 23 09:50:59.568 2010] [5024:6028] [debug] jk_isapi_plugin.c (3108): Service protocol=HTTP/1.1 method=GET host=127.0.0.1 addr=127.0.0.1 name=localhost port=80 auth=NTLM user=TEXAS\SavoyM uri=/index.jsp The value of "80" is shown, my question is does this line in my ISAPI log show the request as to where it is coming from, meaning IIS since IIS is on port 80? My tomcat app is running on port 9080. Just curious. I think, I am going on to try Waffle, instead of trying to pursue this any further. dB has been kind enough to offer his help in getting me setup. I just thought I'd ask this one last question. Thanks for all the time and help. Regards. -----Original Message----- From: Savoy, Melinda Sent: Wednesday, June 23, 2010 7:50 AM To: 'Tomcat Users List'; 'p...@pidster.com' Subject: RE: Still having problem retrieving user value from ISAPI Filter for authentication Let me ask, what maybe a stupid question now, but when I print out the enumeration value of the request header names, see below, using request.getHeaderNames() should the user be listed as one of the headers which is passed on from the ISAPI filter: === MimeHeaders === accept = */* accept-language = en-us connection = Keep-Alive host = localhost user-agent = Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; InfoPath.2; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MS-RTC LM 8; MS-RTC EA 2) authorization = NTLM TlRMTVNTUAADAAAAAAAAAEgAAAAAAAAASAAAAAAAAABIAAAAAAAAAEgAAAAAAAAASAAAAAAAAABIAAAABcKIogUBKAoAAAAP accept-encoding = gzip, deflate content-length = 0 Thank you. -----Original Message----- From: Pid [mailto:p...@pidster.com] Sent: Wednesday, June 23, 2010 6:52 AM To: Tomcat Users List Subject: Re: Still having problem retrieving user value from ISAPI Filter for authentication On 23/06/2010 10:45, Rainer Jung wrote: > On 23.06.2010 09:51, Pid wrote: >> On 23 Jun 2010, at 02:40, Rainer Jung<rainer.j...@kippdata.de> wrote: >> >>> On 22.06.2010 21:59, Marc Boorshtein wrote: >>>>> >>>>> Unless you are going to authenticate via one of Tomcat's >>>>> authentication methods; BASIC, FORM, etc, then getRemoteUser() is >>>>> going to return null. >>>>> >>>>> You'll need to add a security constraint, login-config and >>>>> security-role to your web.xml to test getRemoteUser(); in just Tomcat. >>>>> >>>> >>>> This shouldn't be the case since she put tomcatAuthentication="false" >>>> tomcat should be taking the username from the JK_REMOTE_USER >>>> attribute. >>>> >>>> Have you tried a wireshark packet capture? >>> >>> The log file of the ISAPI redirector she presented already contains >>> a dump of the AJP packet the redirector is going to send out. The >>> dump shows the correct user string contained in the packet. >>> >>> I've got no idea what's wrong here. >> >> Would you expect the user value normally to be set as another >> (REMOTE_USER type) header by ISAPI? > > No, it gets send as an AJP specific request attribute that the AJP > connectors know about. It's not an HTTP header. OK, and I'm guessing that if there was a way to get the AJP connector to dump those attributes you'd have said so by now. p > Regards, > > Rainer > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > The information contained in this message and any attachments is intended only for the use of the individual or entity to which it is addressed, and may contain information that is PRIVILEGED, CONFIDENTIAL, and exempt from disclosure under applicable law. If you are not the intended recipient, you are prohibited from copying, distributing, or using the information. Please contact the sender immediately by return e-mail and delete the original message from your system. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
