You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Etienne Lacombe <et...@rocketmail.com> on 2009/11/06 22:44:31 UTC

[users@httpd] Tomcat Form Based Authentication via Apache Proxy

Hello, 

I'm trying to setup multiple Apache servers in multiple locations, proxying requests to a single Tomcat instance at a central server. The purpose of doing the proxy is that the central server provides additional services but some stuff come from the local Apache server. For Flex to work well, all requests must be to the same domain as where the SWF come from. As the SWF are pretty large, I want them served from the site's local Apache. But the Flex application makes requests to a centralized Tomcat server.

So I did setup Apache with mod_proxy and that works. However, what does not work is when I make the Tomcat authentication through form instead of basic.

With form, I browse to the Apache server and get the correct pages from the Tomcat server, the login form. I fill out the form and post the login request to the j_security_check URL. What happens then is 10 repeat of the requests to Tomcat and each get an HTTP Status 408 back and in the end, Firefox tell me that a "Connection Interrupted" occurred.

Here is my configuration (IP are fake):

        ProxyRequests Off
        ProxyPreserveHost On

        <Proxy *>
                AddDefaultCharset off
                Order deny,allow
                Allow from all
        </Proxy>

        # Enable/disable the handling of HTTP/1.1 "Via:" headers.
        # ("Full" adds the server version; "Block" removes all outgoing Via: headers)
        # Set to one of: Off | On | Full | Block

        ProxyVia On
        SetOutputFilter INFLATE;DEFLATE

        SetEnv proxy-initial-not-pooled 1

        ProxyPass /icosui/ https://89.75.4.116:8443/icosui/
        ProxyPassReverse /icosui/ https://89.75.4.116:8443/icosui/

        ProxyPass /icos/ https://89.75.4.116:8443/icos/
        ProxyPassReverse /icos/ https://89.75.4.116:8443/icos/

        ProxyPassReverseCookieDomain 89.75.4.116 89.75.7.102


Anybody has an idea on how to correctly configure it so that form-based authentication works?  As I said, that works fine with Basic authentication but I really need to use form base - the browser login dialog is not acceptable for this project.


Thanks,

Etienne



      


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org