Forward REMOTE_USER to tomcat via AJP (e.g. for shibboleth)

apache authentication tomcat ajp shibboleth
11,781

Ok, here's my solution. I found that tomcat needs to be configured to trust/accept the authentication that was done by apache2...

To do this, you have to edit the server.xml of tomcat (should be at /etc/tomcat6/server.xml or similar) and add tomcatAuthentication="false" to your <Connector>-Tag for the AJP connection. My Connector tag looks now like this:

<Connector port="8009" protocol="AJP/1.3" redirectPort="8443"
   tomcatAuthentication="false" />

Now you just need to restart tomcat... finished.

Hope this helps! ;-)

Stefan

Explanation:

"tomcatAuthentication" -- "If set to true, the authentication will be done in Tomcat. Otherwise, the authenticated principal will be propagated from the native webserver and used for authorization in Tomcat. The default value is true."

Quoted from: http://tomcat.apache.org/tomcat-5.5-doc/config/ajp.html

Share:
11,781
SDwarfs
Author by

SDwarfs

Updated on June 11, 2022

Comments

  • SDwarfs
    SDwarfs about 2 years

    Today I just got stuck with the following problem: 1. I configured apache for basic authentication (require valid user); which worked. 2. I further configured apache to forward requests for some path (/idp in my case) to a tomcat servlet (shibboleth IDP).

    The result was, that the shibboleth IdP (ECP profile) told me there was no "REMOTE_USER" set (it's using the httpRequest.getRemoteUser() method to check this; it returned null).

    I tried a lot of things like SetEnv and RewriteRule stuff, but without success.

    The solution is quite simple, but rather hard to find... so I decided to post it here to help others solving that kind of issue.

    Regards Stefan

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Apache + Tomcat with mod_jk - Web site hangs
Apache 2.2 Virtual hosts + Tomcat 7 applications
Apache Config - Exclude Location from Authentication
ProxyPass, ProxyReverse vs AJP
Apache + Tomcat: Using mod_proxy instead of AJP
Forward connection from Apache on 80 to Tomcat 6 on 8080 with mod_proxy
Apache 2.4.37 with openssl 1.1.1: cannot perform post-handshake authentication
How to Set Context root in Spring Mvc Project
Redirect apache to tomcat
Removing Tomcat context from URLs for a virtual host (mod_jk, mod_rewrite)