You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by "Koes, Derrick" <De...@Smith-Nephew.com> on 2002/08/13 15:40:40 UTC
RE: Can authentication to webapps be controlled by Apache HTTPD s
erve r rather than tomcat?
The auth seems to work through apache with this setting, but tomcat still
gives me the 403 error page.
-----Original Message-----
From: Jacob Kjome [mailto:hoju@visi.com]
Sent: Tuesday, August 13, 2002 9:33 AM
To: Tomcat Users List
Subject: Re: Can authentication to webapps be controlled by Apache HTTPD
serve r rather than tomcat? <eom>
Yes, but you have to add tomcatAuthentication="false" to your ajp13
connector in server.xml. Also, this doesn't seem to work with the Coyote
connector, only with the normal ajp13. connector.
Once you've done this, do your athentication through Apache and use
request.getRemoteUser() to get the name of the user who successfully logged
in through Apache.
Jake
At 01:49 PM 8/13/2002 +0100, you wrote:
>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: Can authentication to webapps be controlled by Apache
HTTPD s erve r rather than tomcat?
Posted by Jacob Kjome <ho...@visi.com>.
Make sure that you don't have any <security-constraint> stuff set up in
your web.xml for your app. You either need to handle everything at the
Apache level or let everything drop through to the Tomcat level. I know of
no way to do both at the same time.
Also, is Apache serving up the 403 error or is Tomcat? The auth should
*always* work through Apache whether you have tomcatAuthentication="false"
on the ajp13 connector or not. The only thing that parameter controls is
whether request.getRemoteUser() returns the value that Apache forwards onto
tomcat or null (if tomcatAuthentication="true" which is the default).
Jake
At 02:40 PM 8/13/2002 +0100, you wrote:
>The auth seems to work through apache with this setting, but tomcat still
>gives me the 403 error page.
>
>-----Original Message-----
>From: Jacob Kjome [mailto:hoju@visi.com]
>Sent: Tuesday, August 13, 2002 9:33 AM
>To: Tomcat Users List
>Subject: Re: Can authentication to webapps be controlled by Apache HTTPD
>serve r rather than tomcat? <eom>
>
>
>Yes, but you have to add tomcatAuthentication="false" to your ajp13
>connector in server.xml. Also, this doesn't seem to work with the Coyote
>connector, only with the normal ajp13. connector.
>
>Once you've done this, do your athentication through Apache and use
>request.getRemoteUser() to get the name of the user who successfully logged
>in through Apache.
>
>Jake
>
>At 01:49 PM 8/13/2002 +0100, you wrote:
> >
>
>
>--
>To unsubscribe, e-mail: <ma...@jakarta.apache.org>
>For additional commands, e-mail: <ma...@jakarta.apache.org>