I'm trying to create a GWT application that implements Shibboleth-based authorization. Because eventually it should be served in "production mode", I chose to run the application using Tomcat7, however the client connects to Apache2 which then forwards the request to Tomcat via AJP (using mod_proxy_ajp
).
The basic task, serving the application, works. However, I need to have access to the environment variables set by Shibboleth somehow. According to the Shibboleth documentation, environment variables will be forwarded to Tomcat if they are prefixed by AJP_
(the prefix is then dropped), so I went ahead and configured Shibboleth in such a manner that it adds that prefix to all the environment variables it sets (this works, as I have confirmed using a PHP script that simply prints all the environment variables).
The trouble is that the environment variables aren't available as environment variables anymore when they reach Tomcat but are rather supposed to be served -- as the mod_proxy_ajp
documentation phrases it -- as AJP request attributes.
Apparently, those kinds of attributes are supposed to be accessed using something like
getThreadLocalRequest().getSession().getAttribute("uid")
from within the servlet. Even though my PHP script lists an environment variable called AJP_uid
however, the call above returns null
while from what I understand it should return the same value that the environment variable AJP_uid
has.
To be sure, I also tried the call above with AJP_uid
instead of uid
in case the prefix wasn't dropped for some reason, but with no luck.
What am I doing wrong?
As @ThomasBroyer mentioned, I can also call getAttribute
on the HttpServletRequest
object returned by getThreadLocalRequest()
directly, which indeed did the trick for me:
getThreadLocalRequest().getAttribute("uid")
returns the appropriate value I expected. Thanks!