I've been spending quite a bit of time trying to get my configuration to work and have had no successful. I've found some posts on this discussion site that are sort of related but I've not been able to piece it together. My configuration and problem is
On a purely windows domain I have two tomcat servers (server1, server2) that have a test jsp page. It has been set up with waffle to retrieve the windows username who is accessing the JSP. From a client (client1), also on the domain, I can use IE to
view the JSP directly from either server, e.g.
http://server1:8080/cluster/test.jsp . The JSP includes displaying the windows user I am logged into the client as and which server processed the request, e.g. DOMAIN\user1 server1. This seems to prove that waffle is configured OK.
I would like to then use Apache HTTP Server v2.2 with mod_proxy_balancer as a load balancer. It is located on a different server, e.g. serverlb, but is on the domain. I have a basic configuration of mod_proxy_balancer that seems to work with server1
and server2 when waffle isn't used, i.e. the load balancer correctly passes the request to one of the two tomcat servers. It isn't showing the windows username but I assume that is OK as waffle isn't used at this point. This seems to prove that the load
balancer is configured OK.
Then I try to put waffle and the load banacer together. I try to access the test JSP from the load balancer while waffle is used, e.g.
http://serverlb:8080/cluster/test.jsp using the same user (DOMAIN\User1) and same client (client1). This time it shows a dialog box for a username and password. If I enter the credentials for
the DOMAIN\user1 (who I am logged in as on the client), it fails to authenicate. It seems the only credentials that work are for a local user found on the load balancer server, e.g. SERVERLB\Administrator. These credentials are accepted and the jsp is
displayed. The JSP shows which one of the two servers processed the JSP (e.g. server1 or server2) but the interesting thing is the user is reported as SERVER1\Administrator or SERVER2\Administrator, i.e. it has translated the local administrator I provided
as credentials (SERVERLB\Administrator) to equivalent local administor of the tomcat server.
I don't know what is needed to fix it. I've tried many things and have ran out of ideas. I'm not sure if it's a tomcat, waffle or appache http server problem / configuration. It seems the credentials entered into the dialog box are checked against the local
users on serverlb.
The desired effect is the tomcat servers at the back end get the windows username of the user accessing the page without any login dialog box. The load balancer distributes the request to both the tomcat servers.
Any help, comments, tips etc would be greatly appreciated,