[jcifs] jCIFS breaks posts to ASP pages

Allistair Crossley Allistair.Crossley at QAS.com
Mon Apr 26 09:06:02 GMT 2004

Hi Eric

Just to let you know that I was able to get the remote user in the manner you suggested below. Thanks a lot for your help! (even though I won't need jcifs now!)


-----Original Message-----
From: eglass1 at comcast.net [mailto:eglass1 at comcast.net]
Sent: 20 April 2004 14:54
To: Allistair Crossley
Cc: jcifs at lists.samba.org
Subject: RE: [jcifs] jCIFS breaks posts to ASP pages

> Hi Eric
> I'm using Tomcat 5 and just the NTLM filter. I only use jCIFS to be able to call 
> request.getRemoteUser() and not to check passwords. If I can get this working 
> then I would not need jcifs. 

Try looking at the tomcatAuthentication parameter; this controls whether the
webserver or Tomcat is authenticating users.  If you are using the AJP13
connector, you would do this in server.xml, something like:

<Connector className="org.apache.ajp.tomcat4.Ajp13Connector"
        tomcatAuthentication="false" port="8009" minProcessors="5"
        maxProcessors="75" acceptCount="10" debug="0"/>

The "tomcatAuthentication" is the relevant bit here.  If you are using the
Coyote JK2 connector, you would edit jk2.properties and add:


This should cause Tomcat to defer authentication to the external web server,
and request.getRemoteUser() should return whatever the web server indicates.
You would then set the web server up to use Integrated Authentication, and
remove the jCIFS filter from your application's web.xml.

If it still doesn't work, you might try asking around on the Tomcat user lists;
they might have more information, as this is a moderately common scenario.


QAS Ltd.
Developers of QuickAddress Software
<a href="http://www.qas.com">www.qas.com</a>
Registered in England: No 2582055
Registered in Australia: No 082 851 474

More information about the jcifs mailing list