From: Kevin Regan <k.regan_at_f5.com>
Date: Wed, 2 May 2012 18:24:21 +0000

I'm accessing Glassfish through Apache using mod_proxy_http. Apache handles the authentication and sets several headers that are passed to Glassfish:

[#|2012-05-02T11:19:29.251-0700|INFO|glassfish3.1.2|com.sun.jersey.api.container.filter.LoggingFilter|_ThreadID=18;_ThreadName=Thread-2;|2 * Server in-bound request
2 > GET http://127.0.0.1:8080/f5ws/isoimages
2 > host: 127.0.0.1:8080
2 > authorization: Basic dXNlcjE6dXNlcjE=
...
2 > remote-user: user1
2 > remote_user: user1
2 > x-forwarded-user: user1
...

I can access these variables through the HttpServletRequest.getHeader() method. However, I would like HttpServletRequest.getRemoteUser() (and javax.ws.rs.SecurityContext) to work (it currently returns NULL). Is there a configuration setting necessary to map the appropriate HTTP header so that Glassfish uses it as the authenticated user?

Sincerely,
Kevin Regan