Has anyone been able to get this to work? We did the *alfresco* webapp using a servlet filter that caused HttpServletRequest.getRemoteUser() to return the authenticated user, and it worked just fine. No such luck with Share - we tried setting the X-Alfresco-Remote-User header on the request (by wrapping it in an HttpServletRequestWrapper), and on the response. No luck. I have seen conflicting threads about which webapp (share vs. alfresco) cares about the header - our experience seems to show that alfresco does not use it. We have set the "external.authentication.proxyUserName" property to be empty (in alfresco-global.properties, and in ..tomcat\webapps\alfresco\WEB-INF\classes\alfresco\subsystems\Authentication\external\external-filter.properties). No luck.
And then since external is in the global authentication chain, I HAVE to use it for Share (am I wrong about that?). At the moment, I have had to back off to having no SSO for either, and doing that over SSL. Yuck!