This week's giveaway is in the Android forum.
We're giving away four copies of Android Security Essentials Live Lessons and have Godfrey Nolan on-line!
See this thread for details.
The moose likes EJB and other Java EE Technologies and the fly likes getRemoteUser disappears Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » EJB and other Java EE Technologies
Bookmark "getRemoteUser disappears" Watch "getRemoteUser disappears" New topic

getRemoteUser disappears


Joined: Jun 13, 2003
Posts: 3
I have some pretty simple JSPs and EJBs. I use LDAP as a container managed authenticator. It's worked fine until recently.
I'm certain nothing significant has changed on the Appserver side. Of course, I would not bet my child on it. Nevertheless, what happens suggests its still partially working.
The login pop-up still works and prevents unauthorized logins. And (this is the bugger) in the first jsp invoked (an index.jsp from a welcome config) successfully acquires the uid from getRemoteUser(). EVERY SUBSEQUENT CALL TO GETREMOTEUSER() RETURNS NULL!
I can invoke any other app object on startup except the index.jsp and the security is bypassed. I've attached the relevant portion of my web.xml below.
Any ideas would be vastly appreciated. Thank, joe

<web-resource-name>Access Control</web-resource-name>
<description>All Users</description>
<description>Restrict Access to authenticated users</description>
I am using the following platform/tech:
-Websphere 5.0 appserver on Win2k
-Domino 5.0.11 LDAP server and directory (i.e., Notes)
WS Global Security Configuration:
Active Authentication Mechanism: SWAM
WS LDAP User Registry Configuration:
"Custom" LDAP user registry configuration, as the Domino one never seemed to work
User Filter (&(uid=%v)(objectclass=dominoPerson))
Group Filter (&(cn=%v)(objectclass=dominoGroup))
User ID Map dominoPerson:shortname
Group ID Map *:cn
Group Member ID Map dominoGroup:member
Certificate Map Mode EXACT_DN
Certificate Filter none
It is sorta covered in the JavaRanch Style Guide.
subject: getRemoteUser disappears
Similar Threads
Sample web.xml.. may be useful for SCWCD Ranchers
J2EE Security
Configure JNDI Realm
EJB and Security (JAAS)
securing ejb application depolyed in glassfish V3 using ldap realm that points to active directory