You can configure your Web server with a vendor-acquired
authentication module and then configure the Web server plug-in to
route requests to an application server.
If an application calls the getRemoteUser method, it relies on
a private HTTP header that contains the remote user information and
is parsed by the plug-in. The plug-in sets the private HTTP header
value whenever a Web server authentication module populates the remote
user in the Web server data structure. If the private HTTP header
value is not set, the call to getRemoteUser method by the application
returns a null value.
- In the case of an Apache Web server or the IBM HTTP Server, the
plug-in builds the private header from the information contained in
the associated request record.
- In the case of a Sun One Web server, the plug-in builds the private
header from the information contained in the auth_user property
associated with the request. The private header is usually set to
the name of the local HTTP user of the Web browser, if HTTP access
authorization is activated for the URL.
- In the case of a Domino Web server, the plug-in builds the private
header from the information contained in the REMOTE_USER environment
variable. The plug-in sets this variable to anonymous for users
who have not logged in and to the username for users who are
logged into the application.
- In the case of an Internet Information Services (IIS) Web server,
the plug-in builds the private header from the information contained
in the REMOTE_USER environment variable. The plug-in sets this
variable to the name of the user as it is derived from the authorization
header sent by the client.
Avoid trouble: If the private header is not being set
in the Sun One, IIS, or Domino Web server plug-in, make sure the request
record includes information about the user requesting the data.
gotcha
Avoid trouble:
If a call to getRemoteUser
method from the application returns a null value, or if the correct
remote user information is not being added to the data structure for
the Web server plug-in, make sure the remote user parameter within
the vendor-acquired authentication module is still set to YES ![[may2010]](../../deltaend.gif)
may2010
.
(Sometimes this parameter gets set to
NO when service is applied.)
gotcha