You can configure your Web server with a third-party authentication
module and then configure the Web server plug-in to route requests to an application
server.
If an application calls the getRemoteUser() method, it relies on a private
HTTP header that contains the remote user information and is parsed by the
plug-in. The plug-in sets the private HTTP header value whenever a Web server
authentication module populates the remote user in the Web server data structure.
If the private HTTP header value is not set, the application's call to getRemoteUser()
returns a null value.
- In the case of an Apache Web server or the IBM HTTP Server, the plug-in
builds the private header from the information contained in the associated
request record.
- In the case of a Sun One Web server, the plug-in builds the private header
from the information contained in the auth_user property associated
with the request. The private header is usually set to the name of the local
HTTP user of the Web browser, if HTTP access authorization is activated for
the URL.
- In the case of a Domino Web server, the plug-in builds the private header
from the information contained in the REMOTE_USER environment variable.
The plug-in sets this variable to anonymous for users who have not
logged in and to the username for users who are logged into the application.
- In the case of an Internet Information Services (IIS) Web server, the
plug-in builds the private header from the information contained in the REMOTE_USER environment
variable. The plug-in sets this variable to the name of the user as it is
derived from the authorization header sent by the client.
If the private header is not being set in the Sun One, IIS, or Domino Web
server plug-in, make sure the request record includes information about the
user requesting the data.
If an application's call to getRemoteUser() returns a null value, or if
the correct remote user information is not being added to the Web server plug-in's
data structure, make sure the remote user parameter within the WebAgent is
still set to YES. (Sometimes this parameter gets set to NO when
service is applied.)