You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by ka...@miser.umass.edu on 2004/07/08 19:50:47 UTC
Tomcat 5 Apache Authentication
Hi all,
I am having a problem getting Tomcat 5 to use Apache authentication. We
have an existing CGI application that is handled by Apache 2, and I am tring to
integrate some java stuff using Tomcat 5. Here is what I have:
##
## APACHE 2 conf/httpd.conf:
##
# Tomcat Connector
LoadModule jk2_module modules/mod_jk2.so
JKSet config.file "/opt/apps/apache/conf/workers2.properties"
# Tomcat 5
Alias /web/ja/ /opt/web/prod/ja/
<Directory /opt/web/prod/ja/>
SSLRequireSSL
AuthType Basic
AuthUserFile /opt/work/apps/trade/conf/ft_webauth
AuthGroupFile /opt/work/apps/trade/conf/ft_webauthg
require group mygroup
AllowOverride All
order allow,deny
allow from all
Options MultiViews Indexes FollowSymLinks
</Directory>
# CGI Webapp
ScriptAlias /web/ /opt/web/prod/
<directory /opt/web/prod/>
SSLRequireSSL
AuthUserFile /opt/work/apps/trade/conf/ft_webauth
AuthGroupFile /opt/work/apps/trade/conf/ft_webauthg
AuthName privy
AuthType Basic
require group ftgroup1 vedp demoskin umass choosemd wtctacoma wtcstl wtcc
belmont wtcchicago wtcdemo wtcfrance wisconsin aim medc efi testgroup webdev twr
dcca wtcdn matrade ft_g2 ft_g3 ft_g4 ft_g5 ft_g6 ft_g7 ft_g8 ft_g9
AllowOverride All
order allow,deny
allow from all
Options MultiViews ExecCGI
</directory>
##
## workers2.properties
##
[shm]
info=Scoreboard. Required for reconfiguration
file=/opt/apps/tomcat/logs/jk2.shm
size=1048576
debug=0
disabled=0
# Defines a load balancer named lb. Use even if you only have one machine.
[lb:lb]
# Example socket channel, override port and host.
[channel.socket:localhost:8009]
port=8009
host=127.0.0.1
# define the worker
[ajp13:localhost:8009]
channel=channel.socket:localhost:8009
group=lb
# java web app
[uri:/web/ja/*]
worker=ajp13:localhost:8009
group=lb
##
## TOMCAT 5 conf/server.xml
##
<Server port="8005" shutdown="SHUTDOWN" debug="0">
<Listener className="org.apache.catalina.mbeans.ServerLifecycleListener"
debug="0"/>
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"
debug="0"/>
<GlobalNamingResources>
<Environment name="simpleValue" type="java.lang.Integer" value="30"/>
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved">
</Resource>
<ResourceParams name="UserDatabase">
<parameter>
<name>factory</name>
<value>org.apache.catalina.users.MemoryUserDatabaseFactory</value>
</parameter>
<parameter>
<name>pathname</name>
<value>conf/tomcat-users.xml</value>
</parameter>
</ResourceParams>
</GlobalNamingResources>
<Service name="Catalina">
<Connector port="8009"
enableLookups="false" redirectPort="8443" debug="0"
protocol="AJP/1.3" tomcatAuthentication="false" />
<Engine name="Catalina" defaultHost="localhost" debug="0">
<Valve className="org.apache.catalina.valves.RequestDumperValve"/>
<Logger className="org.apache.catalina.logger.FileLogger"
prefix="catalina_log." suffix=".txt"
timestamp="true"/>
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
debug="0" resourceName="UserDatabase"/>
<Host name="localhost" debug="0" appBase="webapps" unpackWARs="true"
autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
<!-- Java Web App -->
<Context path="/web/ja" docBase="/opt/web/prod/ja" debug="2"
reloadable="true">
<Logger className="org.apache.catalina.logger.FileLogger"
prefix="wtprod_file_log." suffix=".txt"
timestamp="true"/>
</Context>
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs" prefix="localhost_access_log." suffix=".txt"
pattern="common" resolveHosts="false"/>
<Logger className="org.apache.catalina.logger.FileLogger"
directory="logs" prefix="localhost_log." suffix=".txt"
timestamp="true"/>
</Host>
</Engine>
</Service>
</Server>
##
## END SCRIPTS
##
Ok, so I placed tomcatAuthentication="false" and also in my httpd.conf file, I
put the directory to my java stuff since I want it to be protected by Apache's
authentication. However, when I try my java app, the request.getRemoteUser()
comes up null, now do I get prompted for a password. Any help would be greatly
appreciated!
Thanks,
Kevin
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Tomcat 5 Apache Authentication
Posted by Joseph Shraibman <jk...@selectacast.net>.
kandryc@miser.umass.edu wrote:
> Hmmm...so is there any workaround? For example, using an older version of the
> JK connector or some older combination of Tomcat/Apache and the JK connector?
>
> Thanks,
> Kevin
Not as far as I know.
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Tomcat 5 Apache Authentication
Posted by ka...@miser.umass.edu.
Hmmm...so is there any workaround? For example, using an older version of the
JK connector or some older combination of Tomcat/Apache and the JK connector?
Thanks,
Kevin
Quoting Joseph Shraibman <jk...@selectacast.net>:
> http://nagoya.apache.org/bugzilla/show_bug.cgi?id=25367
>
>
> kandryc@miser.umass.edu wrote:
> > Hi all,
> > I am having a problem getting Tomcat 5 to use Apache authentication.
> We
> > have an existing CGI application that is handled by Apache 2, and I am
> tring to
> > integrate some java stuff using Tomcat 5. Here is what I have:
> >
> > ##
> > ## APACHE 2 conf/httpd.conf:
> > ##
> >
> > # Tomcat Connector
> > LoadModule jk2_module modules/mod_jk2.so
> > JKSet config.file "/opt/apps/apache/conf/workers2.properties"
> >
> > # Tomcat 5
> > Alias /web/ja/ /opt/web/prod/ja/
> > <Directory /opt/web/prod/ja/>
> > SSLRequireSSL
> > AuthType Basic
> > AuthUserFile /opt/work/apps/trade/conf/ft_webauth
> > AuthGroupFile /opt/work/apps/trade/conf/ft_webauthg
> > require group mygroup
> > AllowOverride All
> > order allow,deny
> > allow from all
> > Options MultiViews Indexes FollowSymLinks
> > </Directory>
> >
> > # CGI Webapp
> > ScriptAlias /web/ /opt/web/prod/
> > <directory /opt/web/prod/>
> > SSLRequireSSL
> > AuthUserFile /opt/work/apps/trade/conf/ft_webauth
> > AuthGroupFile /opt/work/apps/trade/conf/ft_webauthg
> > AuthName privy
> > AuthType Basic
> > require group ftgroup1 vedp demoskin umass choosemd wtctacoma wtcstl
> wtcc
> > belmont wtcchicago wtcdemo wtcfrance wisconsin aim medc efi testgroup
> webdev twr
> > dcca wtcdn matrade ft_g2 ft_g3 ft_g4 ft_g5 ft_g6 ft_g7 ft_g8 ft_g9
> > AllowOverride All
> > order allow,deny
> > allow from all
> > Options MultiViews ExecCGI
> > </directory>
> >
> > ##
> > ## workers2.properties
> > ##
> >
> > [shm]
> > info=Scoreboard. Required for reconfiguration
> > file=/opt/apps/tomcat/logs/jk2.shm
> > size=1048576
> > debug=0
> > disabled=0
> >
> > # Defines a load balancer named lb. Use even if you only have one machine.
> > [lb:lb]
> >
> > # Example socket channel, override port and host.
> > [channel.socket:localhost:8009]
> > port=8009
> > host=127.0.0.1
> >
> > # define the worker
> > [ajp13:localhost:8009]
> > channel=channel.socket:localhost:8009
> > group=lb
> >
> > # java web app
> > [uri:/web/ja/*]
> > worker=ajp13:localhost:8009
> > group=lb
> >
> > ##
> > ## TOMCAT 5 conf/server.xml
> > ##
> >
> > <Server port="8005" shutdown="SHUTDOWN" debug="0">
> > <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener"
> > debug="0"/>
> > <Listener
> className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"
> > debug="0"/>
> >
> > <GlobalNamingResources>
> >
> > <Environment name="simpleValue" type="java.lang.Integer" value="30"/>
> >
> > <Resource name="UserDatabase" auth="Container"
> > type="org.apache.catalina.UserDatabase"
> > description="User database that can be updated and saved">
> > </Resource>
> > <ResourceParams name="UserDatabase">
> > <parameter>
> > <name>factory</name>
> > <value>org.apache.catalina.users.MemoryUserDatabaseFactory</value>
> > </parameter>
> > <parameter>
> > <name>pathname</name>
> > <value>conf/tomcat-users.xml</value>
> > </parameter>
> > </ResourceParams>
> >
> > </GlobalNamingResources>
> >
> > <Service name="Catalina">
> >
> > <Connector port="8009"
> > enableLookups="false" redirectPort="8443" debug="0"
> > protocol="AJP/1.3" tomcatAuthentication="false" />
> >
> > <Engine name="Catalina" defaultHost="localhost" debug="0">
> >
> > <Valve className="org.apache.catalina.valves.RequestDumperValve"/>
> >
> > <Logger className="org.apache.catalina.logger.FileLogger"
> > prefix="catalina_log." suffix=".txt"
> > timestamp="true"/>
> >
> > <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
> > debug="0" resourceName="UserDatabase"/>
> >
> > <Host name="localhost" debug="0" appBase="webapps" unpackWARs="true"
> > autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
> >
> > <!-- Java Web App -->
> > <Context path="/web/ja" docBase="/opt/web/prod/ja" debug="2"
> > reloadable="true">
> > <Logger className="org.apache.catalina.logger.FileLogger"
> > prefix="wtprod_file_log." suffix=".txt"
> > timestamp="true"/>
> > </Context>
> >
> >
> > <Valve className="org.apache.catalina.valves.AccessLogValve"
> > directory="logs" prefix="localhost_access_log."
> suffix=".txt"
> > pattern="common" resolveHosts="false"/>
> >
> > <Logger className="org.apache.catalina.logger.FileLogger"
> > directory="logs" prefix="localhost_log." suffix=".txt"
> > timestamp="true"/>
> >
> > </Host>
> >
> > </Engine>
> >
> > </Service>
> >
> > </Server>
> >
> > ##
> > ## END SCRIPTS
> > ##
> >
> > Ok, so I placed tomcatAuthentication="false" and also in my httpd.conf
> file, I
> > put the directory to my java stuff since I want it to be protected by
> Apache's
> > authentication. However, when I try my java app, the
> request.getRemoteUser()
> > comes up null, now do I get prompted for a password. Any help would be
> greatly
> > appreciated!
> >
> > Thanks,
> > Kevin
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Tomcat 5 Apache Authentication
Posted by Joseph Shraibman <jk...@selectacast.net>.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=25367
kandryc@miser.umass.edu wrote:
> Hi all,
> I am having a problem getting Tomcat 5 to use Apache authentication. We
> have an existing CGI application that is handled by Apache 2, and I am tring to
> integrate some java stuff using Tomcat 5. Here is what I have:
>
> ##
> ## APACHE 2 conf/httpd.conf:
> ##
>
> # Tomcat Connector
> LoadModule jk2_module modules/mod_jk2.so
> JKSet config.file "/opt/apps/apache/conf/workers2.properties"
>
> # Tomcat 5
> Alias /web/ja/ /opt/web/prod/ja/
> <Directory /opt/web/prod/ja/>
> SSLRequireSSL
> AuthType Basic
> AuthUserFile /opt/work/apps/trade/conf/ft_webauth
> AuthGroupFile /opt/work/apps/trade/conf/ft_webauthg
> require group mygroup
> AllowOverride All
> order allow,deny
> allow from all
> Options MultiViews Indexes FollowSymLinks
> </Directory>
>
> # CGI Webapp
> ScriptAlias /web/ /opt/web/prod/
> <directory /opt/web/prod/>
> SSLRequireSSL
> AuthUserFile /opt/work/apps/trade/conf/ft_webauth
> AuthGroupFile /opt/work/apps/trade/conf/ft_webauthg
> AuthName privy
> AuthType Basic
> require group ftgroup1 vedp demoskin umass choosemd wtctacoma wtcstl wtcc
> belmont wtcchicago wtcdemo wtcfrance wisconsin aim medc efi testgroup webdev twr
> dcca wtcdn matrade ft_g2 ft_g3 ft_g4 ft_g5 ft_g6 ft_g7 ft_g8 ft_g9
> AllowOverride All
> order allow,deny
> allow from all
> Options MultiViews ExecCGI
> </directory>
>
> ##
> ## workers2.properties
> ##
>
> [shm]
> info=Scoreboard. Required for reconfiguration
> file=/opt/apps/tomcat/logs/jk2.shm
> size=1048576
> debug=0
> disabled=0
>
> # Defines a load balancer named lb. Use even if you only have one machine.
> [lb:lb]
>
> # Example socket channel, override port and host.
> [channel.socket:localhost:8009]
> port=8009
> host=127.0.0.1
>
> # define the worker
> [ajp13:localhost:8009]
> channel=channel.socket:localhost:8009
> group=lb
>
> # java web app
> [uri:/web/ja/*]
> worker=ajp13:localhost:8009
> group=lb
>
> ##
> ## TOMCAT 5 conf/server.xml
> ##
>
> <Server port="8005" shutdown="SHUTDOWN" debug="0">
> <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener"
> debug="0"/>
> <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"
> debug="0"/>
>
> <GlobalNamingResources>
>
> <Environment name="simpleValue" type="java.lang.Integer" value="30"/>
>
> <Resource name="UserDatabase" auth="Container"
> type="org.apache.catalina.UserDatabase"
> description="User database that can be updated and saved">
> </Resource>
> <ResourceParams name="UserDatabase">
> <parameter>
> <name>factory</name>
> <value>org.apache.catalina.users.MemoryUserDatabaseFactory</value>
> </parameter>
> <parameter>
> <name>pathname</name>
> <value>conf/tomcat-users.xml</value>
> </parameter>
> </ResourceParams>
>
> </GlobalNamingResources>
>
> <Service name="Catalina">
>
> <Connector port="8009"
> enableLookups="false" redirectPort="8443" debug="0"
> protocol="AJP/1.3" tomcatAuthentication="false" />
>
> <Engine name="Catalina" defaultHost="localhost" debug="0">
>
> <Valve className="org.apache.catalina.valves.RequestDumperValve"/>
>
> <Logger className="org.apache.catalina.logger.FileLogger"
> prefix="catalina_log." suffix=".txt"
> timestamp="true"/>
>
> <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
> debug="0" resourceName="UserDatabase"/>
>
> <Host name="localhost" debug="0" appBase="webapps" unpackWARs="true"
> autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
>
> <!-- Java Web App -->
> <Context path="/web/ja" docBase="/opt/web/prod/ja" debug="2"
> reloadable="true">
> <Logger className="org.apache.catalina.logger.FileLogger"
> prefix="wtprod_file_log." suffix=".txt"
> timestamp="true"/>
> </Context>
>
>
> <Valve className="org.apache.catalina.valves.AccessLogValve"
> directory="logs" prefix="localhost_access_log." suffix=".txt"
> pattern="common" resolveHosts="false"/>
>
> <Logger className="org.apache.catalina.logger.FileLogger"
> directory="logs" prefix="localhost_log." suffix=".txt"
> timestamp="true"/>
>
> </Host>
>
> </Engine>
>
> </Service>
>
> </Server>
>
> ##
> ## END SCRIPTS
> ##
>
> Ok, so I placed tomcatAuthentication="false" and also in my httpd.conf file, I
> put the directory to my java stuff since I want it to be protected by Apache's
> authentication. However, when I try my java app, the request.getRemoteUser()
> comes up null, now do I get prompted for a password. Any help would be greatly
> appreciated!
>
> Thanks,
> Kevin
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org