Hi everybody, sorry for doing silly question, but i couldn't find an answer.
I'm trying to migrate from jrun to jboss a bunch of applications.
In jrun we use apache httpd and mod_auth_ldap to authenticate users against Active Directory.
User profiling is done in the business logic of the webapp, simply calling request.getAuthType and request.getRemoteUser.
I read in SecurityFAQ this is not possible in jboss; in fact, http headers contain neither user nor auth info, on jboss side.
I tryed to (and made it work) enable security constraints and application policies; de facto, mod_ldap passes info to jboss, which processes everiting and authorize my servlets.
But still no info on remoteUser.
Is there a (programmatic or not) way to make request info available in jboss?
Thanks