[TriLUG] Apache: modifying REMOTE_USER (w/ Tomcat)

Jeremy Portzer jeremyp at pobox.com
Tue Dec 6 14:31:02 EST 2005


On Tue, 6 Dec 2005, William Sutton wrote:

> Just for giggles...can you write an Apache/mod_perl handler that performs 
> the username translation and then hands off to the Java app?

Well I've thought about that, but I really need the request back in Apache
and handled by mod_jk.  I don't know exactly how to "hand off" the request
to Tomcat in the manner you describe, and if it was possible, it seems
this is overkill just for one small change like this.  I'd guess the 
Apache module interface is better designed for the type of thing I need, 
but even that might be a lot of overhead.

If I were going the filter route the better placement would probably be
inside Tomcat.  I think I'll just have to spend the time and figure out
how to do that.

I'm also investigating other non-intrusive changes that might be possible
on the LDAP server which is the ultimate provider of information to
Shibboleth.  (Shibboleth is being used as a single-sign-on function here
but is really middleware between LDAP and the web application.)  Thanks to
Greg Cox for that idea.

Jeremy

-- 
/---------------------------------------------------------------------\
| Jeremy Portzer        jeremyp at pobox.com      trilug.org/~jeremy     |
| GPG Fingerprint: 712D 77C7 AB2D 2130 989F  E135 6F9F F7BC CC1A 7B92 |
\---------------------------------------------------------------------/



More information about the TriLUG mailing list