Page 2 of 2 FirstFirst 12
Results 11 to 14 of 14

Thread: Acegi and Shibboleth

  1. Feb 5th, 2008, 09:13 AM #11
    dave64
    dave64 is offline Junior Member
    Join Date
    Jan 2008
    Posts
    3

    Default

    Quote Originally Posted by willnorris View Post
    Make sure you have tomcatAuthentication="false" on your AJP connector in server.xml http://tomcat.apache.org/tomcat-5.5-doc/config/ajp.html
    Hi willnorris,

    Thanks for the pointer, since at this point any advice is welcome. Unfortunately, this is something I'm already aware of, and I'm confident that I have apache/mod_jk/tomcat properly configured. I even confirmed this by writing a tiny servlet that does nothing more than display the result of calling getRemoteUser() to confirm that REMOTE_USER is being properly passed. I'm quite certain that I just had a problem in my application content, because even after hard-coding my credentials in the filter I wrote, authentication was still failing.

    Up to this point, every attempt I've made to modify the default pentaho authentication configuration has resulted in either null credentials, or a complete failure of the application to start.

    Thanks for your help, though.

    Dave
  2. Feb 5th, 2008, 10:00 AM #12
    Luke Taylor
    Luke Taylor is offline Senior Member Acegi Security System TeamSpring Team
    Join Date
    Aug 2004
    Location
    Glasgow, Scotland
    Posts
    3,449

    Default

    Perhaps if you posted your filter configuration someone can work out what's wrong. Otherwise it's pretty much guesswork.

    If getRemoteUser() is returning null, why don't you insert a filter before the Acegi stack to check its value there. You could then insert your filter wherever you want in the stack and work out where/if the value changes.
  3. Feb 5th, 2008, 10:08 AM #13
    dave64
    dave64 is offline Junior Member
    Join Date
    Jan 2008
    Posts
    3

    Default

    Quote Originally Posted by Luke View Post
    Perhaps if you posted your filter configuration someone can work out what's wrong. Otherwise it's pretty much guesswork.

    If getRemoteUser() is returning null, why don't you insert a filter before the Acegi stack to check its value there. You could then insert your filter wherever you want in the stack and work out where/if the value changes.
    Hi Luke,

    My unsuccessful pubcookie/acegi attempt was already passed by the time I read this thread, and our configuration now doesn't attempt pubcookie so I currently have nothing to post. With the knowledge that this should work, I plan to start back down this path. Once I have it configured and not working, I'll post what I have. Again, many thanks for your offer to assist. I'd be extremely happy to see this working and will be posting configuration information soon.

    Thanks,

    Dave
  4. Mar 12th, 2008, 11:10 PM #14
    hiddencharm
    hiddencharm is offline Junior Member
    Join Date
    Mar 2008
    Posts
    2

    Default

    Check your AAP.xml file to see which attribute is set for remote user and make sure that the idp releases that required attribute.
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules