java - Retrieving Shibboleth attributes from AJP connector request -


i have encountered weird problem when working shibboleth authentication running on apache , when tomcat7 running on end, apache sends through mod_proxy_ajp. , parameters sibboleth.

in documentation (https://wiki.shibboleth.net/confluence/display/shib2/nativespjavainstall) explicitly stated ajp sends attributes prefix attributeprefix="ajp_" , developer should not take shortcuts , enable sending auth attributes trough http headers (https://wiki.shibboleth.net/confluence/display/shib2/nativespspoofchecking)

i try retrieve attributes using

httpservletrequest req = (httpservletrequest) facescontext.getcurrentinstance()                          .getexternalcontext().getrequest();  enumeration<string> e = req.getattributenames(); 

but no matter try, no shibboleth attributes ever show up.

after 2 hours of trying find out doing wrong. tried retrieve attribute name using.

req.getattribute("uid"); 

and reason works. though "uid" isn't listed in getattributenames();

it smells bug, or mistimed communication somewhere between ajp , spring or jsf...


Comments

Popular posts from this blog

css - Which browser returns the correct result for getBoundingClientRect of an SVG element? -

gcc - Calling fftR4() in c from assembly -

Function that returns a formatted array in VBA -