Are you using mod_jk and Apache to front server requests?

If so, Apache has the getRemoteUser information and you need to configure
Tomcat to tell it where to pull this from. If you are using a recent
version of Tomcat, put the following jk2.properties....

request.tomcatAuthentication=false

Jake

At 12:28 PM 10/13/2003 -0400, you wrote:
>I have recently noticed that when you have a site with both protected and
>unprotected pages that getRemoteUser returns null on the unprotected pages
>eventhough I have authenticated against a protected page. isUserInRole also
>does not work.
>
>Is there a way I can determine who is logged in when I access an unprotected
>url?
>
>To answer my own Q, I supose I could create an object and store it in the
>session then access later, but is there another way?
>
>
>Ultimately I would like to present a dynamic menu in which administrators
>see a different menu than regular joe users. The menu is part of every page
>in this case. I would simple like to hide "admin only" sections so regular
>users don't see them.
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
>For additional commands, e-mail: tomcat-user-help@(protected)


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
For additional commands, e-mail: tomcat-user-help@(protected)