We have been unable to successfully use the getRemoteUser method from within a Web Application running on GlassFish v2.1.
We proxy from Apache to our web application and restrict access using mod_auth_kerb in Apache. We would like the web application to be able to see who has authenticated. The Apache proxy and Kerberos authentication work properly, but the java getRemoteUser method always returns null. I believe this is because it cannot see the http REMOTE_USER variable. I would greatly appreciate any suggestions for configuring this properly.
Here is the relevant portion of our http configuration:
------
######
# GlassFish proxy
ProxyPreserveHost on
RewriteEngine on
RequestHeader Set Proxy-keysize 512
RequestHeader Set Proxy-ip %{REMOTE_ADDR}e
RequestHeader Set Host www.mysecure.com:443
RewriteRule ^/HelloWeb$ /HelloWeb/ [R,L]
RewriteRule ^/HelloWeb/(.*)
http://localhost:38080/HelloWeb/$1 [P,L]
<Location "/HelloWeb">
order deny,allow
deny from all
AuthType KerberosV5
AuthName "kerberos authentication"
Satisfy any
require valid-user
</Location>
------
Please let me know if there is any more information I can provide. Any suggestions would be greatly appreciated.
[Message sent by forum member 'bougie' (dab66_at_cornell.edu)]
http://forums.java.net/jive/thread.jspa?messageID=369133