[users@httpd] Apache as Reverse Proxy and Single-Sign On for Tomcat

[Werner Schalk <we...@gmx.de>]

Hello,

I would like to use Apache in a rather obscure way and I hope you guys can 
give me some insight on how to solve the problem I am facing.

Basically I would like to install Apache as reverse proxy in front of two 
Tomcat servers (siteA and siteB) and let Apache perform some sort of 
Single-Sign On. This means that I would like to perform a Basic Auth for 
accessing siteA and give a user access to siteB if (and only if) he has been 
successfully authenticated to siteA before. Of course I could use the same 
realm for both sites and thus achieve some sort of easy login for both apps. 
However I would like to send a forbidden message to the user if he tries to 
access siteB directly which is not possible with the same realm. I thought 
of some mod_rewrite magic but I am unsure how this could be done and whether 
the look-ahead function could be useful. Any ideas on this?

Thanks and bye,
Werner.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org