Bug 20300 - HttpServletRequest getRemoteUser() does not return user authenticated by Apache
Summary: HttpServletRequest getRemoteUser() does not return user authenticated by Apache
Status: RESOLVED DUPLICATE of bug 21146
Alias: None
Product: Tomcat 4
Classification: Unclassified
Component: Connector:Coyote JK 2 (deprecated) (show other bugs)
Version: 4.1.18
Hardware: PC All
: P3 normal (vote)
Target Milestone: ---
Assignee: Tomcat Developers Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2003-05-28 13:23 UTC by Yaron Parasol
Modified: 2005-03-20 17:06 UTC (History)
0 users


Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Yaron Parasol 2003-05-28 13:23:53 UTC 
Using Apache 2.0.45 with mod_sspi (NTLM) and Tmocat 4.1.18
The user is being proprly authenticated by the Apache. However, the 
HttpServletRequest.getRemoteUser() return null. I tried setting 
request.tomcatAuthentication to true in jk.properties but that didn't work as 
well
Comment 1 prefab 2003-06-29 21:25:42 UTC 
we had the same problem (apache 2.0.46, mod_sspi (kerberos), tomcat 4.1.24, jk2
all win32). You should set request.tomcatAuthentication to "false" and then
HttpServletRequest.getRemoteUser() returns REMOTE_USER from apache.
Authorisation type returns null though. (jk returned "Negotiate" or "NTLM"
correctly). See bug 21146 for more info.
Comment 2 Mark Thomas 2004-09-12 18:50:01 UTC 
Marking this as a duplicate since 21146 has more information.

*** This bug has been marked as a duplicate of 21146 ***