Re: mod_webapp connector on linux

2001-10-03 Thread Matias Bahlenberg 

I recognize this problem, and it seems like a connector-problem. The Apache Server
can not connect to Tomcat.

I solved it with starting Tomcat before starting Apache. This means that everytime
I have to restart Tomcat, I have to restart Apache.

// Matias


- Original Message - 
From: James Williamson [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, October 03, 2001 9:50 AM
Subject: Re: mod_webapp connector on linux


 Have you tried restarting Apache?
 
 - Original Message -
 From: Aksel Schmidt [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Sent: Wednesday, October 03, 2001 6:30 AM
 Subject: RE: mod_webapp connector on linux
 
 
   However, I'm still having a problem where I can reach my deployed web
   applications via port 8080 (directly to tomcat), but I can't reach it
   via port 80 (through Apache).  The error message is:
 
WebApp: Error 404
(File: wa_request.c Line: 197)
---
Web-application not yet deployed
---
 
   which is lame since I KNOW the app IS deployed (otherwise, I wouldn't be
   able to access it at 8080)!!!
 
  I guess I have the exact same problem. I expect it to be caused be the
 fact
  that you deploy your web app in another directory than
  $CATALINA_HOME/webapps which is fine when deploying to be used by tomcat
  alone. But the WebApp module expects every deployment made to reside in
 the
  default web apps directory I'm afraid. This is just an assumption. Does
  anyone know better? Can we go around this?
  An alternative is to go back using mod_jk and the server.xml contexts. I
  haven't tried this yet though.
  /aksel

Re: HTTP Status 500

2001-09-27 Thread Matias Bahlenberg 

Hi Lee,

I recognize this. I solved the problem with a Host inside the Engine element in the 
server.xml. See below:

Server port=8005 shutdown=SHUTDOWN debug=0

!-- Some information of the stand-alone service, tomcat web-server --
!-- I you do not use this service, I suggest you comment it all --

!-- Define an Apache-Connector Service --
Service name=Tomcat-Apache
Connector className=org.apache.ajp.tomcat4.Ajp13Connector
  port=8009 minProcessors=5 maxProcessors=75
  enableLookups=true 
  acceptCount=10 debug=0 /

!-- Replace localhost with what your Apache ServerName is set to --
Engine className=org.apache.catalina.connector.warp.WarpEngine
 name=Apache defaultHost=www.company.com debug=0 appBase=webapps

  !-- Global logger unless overridden at lower levels --
  Logger className=org.apache.catalina.logger.FileLogger
  prefix=apache_log. suffix=.txt
  timestamp=true/

Valve className=org.apache.catalina.valves.AccessLogValve
 directory=logs  prefix=apache_access_log. suffix=.txt
 pattern=common/

!-- Because this Realm is here, an instance will be shared globally --
Realm className=org.apache.catalina.realm.MemoryRealm /

!-- Be sure that the name is the same as ServerName in httpd.conf --
Host name=www.company.com appBase=webapps
Context path=
 docBase=ROOT
 crossContext=false
 reloadable=true /
/Host
/Engine
/Service
/Server



- Original Message - 
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, September 26, 2001 4:46 PM
Subject: HTTP Status 500


 
 Does anyone know why i get the message
 
 HTTP Status 500 - No Host matches server name www.xxx.co.uk
 
 When i use ajp13 to connect to tomcat 4 from apache 1.3.20
 
 I am using the same method i would have used when i was using tomcat 3.x
 (I.e nothing has changed on the apache side
 
 Only the Connetor stuff in server.xml has changed !
 
 
 Any obvious ideas anyone ?
 
 
 Cheers in advance
 
 
 Lee
 
 
 (Embedded image moved to file: pic00041.pcx)

Re: Tomcat 4.0 Apache with Client Certs

2001-09-25 Thread Matias Bahlenberg 

Hi,

I have tried to get the client certificate information too, but with no success. I use 
Apache 1.3.19 with Tomcat 4.0.

I have been told that when using a connector with Apache  mod_ssl it is essential to 
specify SSLOptions +StdEnvVars +ExportCertData. Otherwise mod_ssl will not produce 
the neccessary environment variables for the connector.

When I use a connector to JRun, I use the below code to get the client-information:
---
java.security.cert.X509Certificate certApache = null;
String certData = request.getHeader(SSL_CLIENT_CERT);
if(certData!=null) {
ByteArrayInputStream inStream  = new ByteArrayInputStream(certData.getBytes());
java.security.cert.CertificateFactory cf = 
java.security.cert.CertificateFactory.getInstance(X.509);
certApache = (java.security.cert.X509Certificate)cf.generateCertificate(inStream);
inStream.close();
}

if(certApache!=null) {
certSubject  = certApache.getSubjectDN().getName();
certIssuer   = certApache.getIssuerDN().getName();
certSerialNumber = certApache.getSerialNumber().toString();
}
---

Unfortunately, it seems like the mod_webapp-connector (warp) does not support the 
export of client certificate information. They have told me that Tomcat 4.0 can be 
accessed by using the mod_jk (ajp13) as a connector. I have not get it worked yet.

If someone makes it work, please let me (us) knowan how!!!

// Matias


- Original Message - 
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, September 24, 2001 5:58 PM
Subject: Tomcat 4.0  Apache with Client Certs


 Scenario
 
 I have apache passing any calls to servlets through to Tomcat 4 via
 the mod_webapp connector.
 My Server certificate and my client certificates work fine to allow
 specific users onto the system.
 
 ProblemProblemProblemProblemProblem
 
 In Tomcat 3.2.3 it was possible using AJP13 to access Client
 Certificate information via
 request.getAttribute(javax.servlet.request.X509Certificate) from
 within my tomcat servlet. In Release 4.0 using the warp connector this
 doesn`t appear to be the case. When i debug/view my request object for
 it`s attributes there are none present. No CIPHER_SUITE or
 X509Certificate.
 
 Please can someone tell me how i should be accessing client
 certificate information from within Tomcat 4.0 via apache.
 
 My System
 
 Apache-ssl 1.3
 Tomcat 4.0
 mod_webapp.so
 Linux Redhat 7.1
 
 Here is an extract of my httpd.conf
 
 VirtualHost www.xx.co.uk:443
 SSLEnable
 SSLCertificateFile /usr/local/ssl/www.xxx.crt
 SSLCertificateKeyFile /usr/local/ssl/www.xxx.key
 SSLCACertificateFile /usr/local/ssl/xxx.pem
 SSLVerifyClient 2
 SSLVerifyDepth 10
 SSLFakeBasicAuth
 SSLExportClientCertificates
 SSLCacheServerPort /usr/logs/gcache_port
 SSLCacheServerPath ./bin/gcache
 SSLSessionCacheTimeout 30
 SSLRequiredCiphers RC4-MD5
 SSLCacheServerPath ./bin/gcache
 SSLCacheServerPort logs/gcache_port
 SSLCacheServerRunDir /tmp
 Serveradmin xx@xx
 ServerName xxx
 WebAppConnection warpConnection warp localhost:8008
 WebAppDeploy testcert warpConnection /testcert/
 /VirtualHost
 
 and my server.xml to receive the warp connector
 
   !-- Define an Apache-Connector Service --
   Service name=Tomcat-Apache
 
 Connector className=org.apache.catalina.connector.warp.WarpConnector
  port=8008 minProcessors=5 maxProcessors=75
  enableLookups=true scheme=https secure=true
  acceptCount=10 debug=0/
 /Connector
 
 !--
  Factory className=org.apache.catalina.net.SSLServerSocketFactory
  clientAuth=false protocol=TLS/
 --
 
 !-- Replace localhost with what your Apache ServerName is set
 to --
 Engine className=org.apache.catalina.connector.warp.WarpEngine
  name=Apache defaultHost=localhost debug=0
 appBase=webapps
 .
 
 Any help or advise greatly appreciated
 
 Lee Lovell

SSL environment variables in Tomcat 4.0?

2001-09-21 Thread Matias Bahlenberg 

Hi, 

How do I obtain information of the Apache additional environment variables: 
SSL_CLIENT_CERT and SSL_SERVER_CERT in Tomcat 4.0?

I am using Tomcat 4.0 (final release) as servlet-container, connected via mod_webapp 
(WarpConnector) to Apache Web Server 1.3.19.

The Apache Server is configured to handle all SSL, with a secure virtual host on port 
443.

In the httpd.conf there is an SSL option, which allows Apache and external connectors, 
such as JRun and Tomcat, to get information about client and server certificates: 

SSLOptions +ExportCertData +CompatEnvVars +StrictRequire

Everything works fine, the double authentication works fine, but I do not get any 
information of the client certificate via Tomcat 4.0. 
To obtain the client certificate information, I use the following code: 

java.security.cert.X509Certificate certApache = null;
String certData = request.getHeader(SSL_CLIENT_CERT);
if(certData!=null) {
ByteArrayInputStream inStream  = new 
ByteArrayInputStream(certData.getBytes());
java.security.cert.CertificateFactory cf = 
java.security.cert.CertificateFactory.getInstance(X.509);
certApache = 
(java.security.cert.X509Certificate)cf.generateCertificate(inStream);
inStream.close();
}

if(certApache!=null) {
certSubject  = certApache.getSubjectDN().getName();
certIssuer   = certApache.getIssuerDN().getName();
certSerialNumber = certApache.getSerialNumber().toString();
}

I have also tried the above code with Apache-JRun, and it works fine.

Does anyone knows if the connector mod_webapp supports the additional environment 
variables?
- If so...how?
- If not...is there another connector, which supports SSL variables? Can mod_jk be 
used as a connector between Apache 1.3.* and Tomcat 4.0?

Matias