RE: Re[2]: tomcatAuthentication=false and getRemoteUser returning null in recent versions of Tomcat
Aleix, Hi, In the mail I wrote incorrectly the tomcatAuthentication sentence, but I wrote it correctly in the jk2.properties file. Think of it too ;), but discarded to ask for :) thanks for the clarification.. My authentication in Apache is made throw a users file that can be declared in httpd.conf in Apache. Then in the same file, I have the sentences to connect to Tomcat, and it works fine because I can call all my servlets without problems. Maybe I'm forgetting something. I assume that without tomcat using only apache you can see the BAsic Auth dialog pops up.. Sorry to insist but the behaviour one can observe, when the 2 servers (tomcat apache ) are throwing his auth independently, is other, one see Apache throwing his auth dialogs, but later Tomcat refuses to enter in the protected area, so you can end seeing 2 auth dialogs poping up.. but to see only the tomcat one is really strange.. seems as Apache not correctly configured from here.. Saludos, Ignacio J. Ortega -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Re[2]: tomcatAuthentication=false and getRemoteUser returning null in recent versions of Tomcat
Aleix, security-constraint display-nameExample Security Constraint/display-name web-resource-collection web-resource-nameProtected Area/web-resource-name url-pattern/*/url-pattern http-methodDELETE/http-method http-methodGET/http-method http-methodPOST/http-method http-methodPUT/http-method /web-resource-collection auth-constraint role-nametomcat/role-name /auth-constraint /security-constraint login-config auth-methodBASIC/auth-method realm-nameBASIC Authentication/realm-name /login-config security-role role-nametomcat/role-name /security-role Oops, sorry senility is starting to bother me ;).. Well the problem is related to the fact that Apache doenst have a roleslike info and of course not having them Tomcat cannot know it from him, so your security constraint ends not seeing the correct role for that user, you need to have a correctly configured realm, using the exact same names you get from apache, where tomcat can go to ask for the user's roles... the Realm type doesnt matter for our porpouse.. If configuring exactly the same user name to have the needed roles in a tomcat realm doesnt work, i think it's a bug in tc 4.1.18.. So to summarize: 1) Apache needs to be configured tro do the auth 2) Tomcat needs a Realm ( JDBC,MEMORY or whatever ) containing the same exact usernames, with the associated roles, tha Apache will transmit to TC.. 3) tomcatAuthentication=false, so tomcat will get the username from Apache.. I know is a pain, but the lack of the roles concept in Apache makes it cumbersome, as web.xml only uses role names for security constraint not usernames.. Saludos, Ignacio J. Ortega -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Re[2]: tomcatAuthentication=false and getRemoteUser returning null in recent versions of Tomcat
I actually had to comment out my security-constraint's to make it so Tomcat would not ask for authentication to make it not request it. If there is a workaround where that stuff is just ignored in the case of tomcatAuthentication=false and invoked in the case of tomcatAuthentication=true, that would be excellent because then I wouldn't have such a dependency on Apache to provide for the username and password. I certainly need to have Apache fronting it in production, but for testing, it would be nice to go straight at Tomcat rather than through Apache without having to modify my web.xml file. Please let me know if you find such a feature set in Tomcat. thanks, Jake At 08:17 AM 1/23/2003 +0100, you wrote: Hi, In the mail I wrote incorrectly the tomcatAuthentication sentence, but I wrote it correctly in the jk2.properties file. My authentication in Apache is made throw a users file that can be declared in httpd.conf in Apache. Then in the same file, I have the sentences to connect to Tomcat, and it works fine because I can call all my servlets without problems. Maybe I'm forgetting something. Thank you Aleix -Mensaje original- De: Jacob Kjome [mailto:[EMAIL PROTECTED]] Enviado el: jueves, 23 de enero de 2003 5:24 Para: Tomcat Users List Asunto: RE: Re[2]: tomcatAuthentication=false and getRemoteUser returning null in recent versions of Tomcat Notice that you misspelled tomcatAuthentication. You wrote: request.tomcatAuthenticatoin=false It should be request.tomcatAuthentication=false Jake At 12:58 AM 1/23/2003 +0100, you wrote: Ok, Sorry about the laguage. My Apache version is 2.0.43 and Tomcat 4.1.18. I have a servlets path with the web.xml file with the authentication configuration in this way: security-constraint display-nameExample Security Constraint/display-name web-resource-collection web-resource-nameProtected Area/web-resource-name url-pattern/*/url-pattern http-methodDELETE/http-method http-methodGET/http-method http-methodPOST/http-method http-methodPUT/http-method /web-resource-collection auth-constraint role-nametomcat/role-name /auth-constraint /security-constraint login-config auth-methodBASIC/auth-method realm-nameBASIC Authentication/realm-name /login-config security-role role-nametomcat/role-name /security-role And in my jk2.properties file I have this entry: request.tomcatAuthenticatoin=false. But, tomcat asks me for the login! My users are authenticated throw Apache, and I want to use this logins with my servlets. Thank you Aleix -Mensaje original- De: Ignacio J. Ortega [mailto:[EMAIL PROTECTED]] Enviado el: jueves, 23 de enero de 2003 0:36 Para: 'Tomcat Users List' Asunto: RE: Re[2]: tomcatAuthentication=false and getRemoteUser returning null in recent versions of Tomcat Aleix, Hola Ignacio, He estado probando exactamente lo que vosotrois comentais, pero Tomcat me sigue pidiendo que entre login i password. Alguna idea? No entiendo bien, estas seguro de que quien pide el password es tomcat y no el servidor de http? Un poco de informacion sobre tu configuracion ayudaria un tanto, IIS? Apache? version tomcat? etc etc Y mejor en ingles en adelante.. asi se entera todo el mundo.. Gracias Aleix Saludos, Ignacio J. Ortega -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Re[2]: tomcatAuthentication=false and getRemoteUser returning null in recent versions of Tomcat
Jacob, BTW, I used request.tomcatAuthentication=false not request.tomcatAuthentication=true Ooops, sorry, of course if you want tomcatAuthentication=false, you need to put request.tomcatAuthentication=false not true :, next time i will edit my CutPaste first i promise ..;) Saludos, Ignacio J. Ortega -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Re[2]: tomcatAuthentication=false and getRemoteUser returning null in recent versions of Tomcat
Hola Ignacio, He estado probando exactamente lo que vosotrois comentais, pero Tomcat me sigue pidiendo que entre login i password. Alguna idea? Gracias Aleix -Mensaje original- De: Ignacio J. Ortega [mailto:[EMAIL PROTECTED]] Enviado el: miércoles, 22 de enero de 2003 19:20 Para: 'Tomcat Users List'; 'Jacob Kjome' Asunto: RE: Re[2]: tomcatAuthentication=false and getRemoteUser returning null in recent versions of Tomcat Jacob, BTW, I used request.tomcatAuthentication=false not request.tomcatAuthentication=true Ooops, sorry, of course if you want tomcatAuthentication=false, you need to put request.tomcatAuthentication=false not true :, next time i will edit my CutPaste first i promise ..;) Saludos, Ignacio J. Ortega -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Re[2]: tomcatAuthentication=false and getRemoteUser returning null in recent versions of Tomcat
Aleix, Hola Ignacio, He estado probando exactamente lo que vosotrois comentais, pero Tomcat me sigue pidiendo que entre login i password. Alguna idea? No entiendo bien, estas seguro de que quien pide el password es tomcat y no el servidor de http? Un poco de informacion sobre tu configuracion ayudaria un tanto, IIS? Apache? version tomcat? etc etc Y mejor en ingles en adelante.. asi se entera todo el mundo.. Gracias Aleix Saludos, Ignacio J. Ortega -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Re[2]: tomcatAuthentication=false and getRemoteUser returning null in recent versions of Tomcat
Ok, Sorry about the laguage. My Apache version is 2.0.43 and Tomcat 4.1.18. I have a servlets path with the web.xml file with the authentication configuration in this way: security-constraint display-nameExample Security Constraint/display-name web-resource-collection web-resource-nameProtected Area/web-resource-name url-pattern/*/url-pattern http-methodDELETE/http-method http-methodGET/http-method http-methodPOST/http-method http-methodPUT/http-method /web-resource-collection auth-constraint role-nametomcat/role-name /auth-constraint /security-constraint login-config auth-methodBASIC/auth-method realm-nameBASIC Authentication/realm-name /login-config security-role role-nametomcat/role-name /security-role And in my jk2.properties file I have this entry: request.tomcatAuthenticatoin=false. But, tomcat asks me for the login! My users are authenticated throw Apache, and I want to use this logins with my servlets. Thank you Aleix -Mensaje original- De: Ignacio J. Ortega [mailto:[EMAIL PROTECTED]] Enviado el: jueves, 23 de enero de 2003 0:36 Para: 'Tomcat Users List' Asunto: RE: Re[2]: tomcatAuthentication=false and getRemoteUser returning null in recent versions of Tomcat Aleix, Hola Ignacio, He estado probando exactamente lo que vosotrois comentais, pero Tomcat me sigue pidiendo que entre login i password. Alguna idea? No entiendo bien, estas seguro de que quien pide el password es tomcat y no el servidor de http? Un poco de informacion sobre tu configuracion ayudaria un tanto, IIS? Apache? version tomcat? etc etc Y mejor en ingles en adelante.. asi se entera todo el mundo.. Gracias Aleix Saludos, Ignacio J. Ortega -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Re[2]: tomcatAuthentication=false and getRemoteUser returning null in recent versions of Tomcat
Aleix, Ok, Sorry about the laguage. Conoces el chiste del taxista de Nueva york? ;) My Apache version is 2.0.43 and Tomcat 4.1.18. I have a servlets path with the web.xml file with the authentication configuration in this way: I suppouse you have configured apache to do the security, dont you? I dont know very well Apache config but i think this is done be tweaking .htaccess files.. Sorry for the dumbest question, but i must ask first :) But, tomcat asks me for the login! My users are authenticated throw Apache, and I want to use this logins with my servlets. Ithink there is a misconception here, to make apache ask for a user and pass is an apache thing, the only thing tomcatAuthentication does is to ignore or use any auth done by the Http server at tomcat level, what this means? You need to config apache first and after that, make tomcat use it.. Tomcat will not command apache to do any auth based on web.xml constraints.. If not the case, i think i'll need to see some logs, the access.log from apache, error.log etc, and the tomcat related ones, not very sure which tomcat logs contains auth info, but putting debug='99' at the context level and authenticator in server.xml will help.. Saludos, Ignacio J. Ortega -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Re[2]: tomcatAuthentication=false and getRemoteUser returning null in recent versions of Tomcat
Notice that you misspelled tomcatAuthentication. You wrote: request.tomcatAuthenticatoin=false It should be request.tomcatAuthentication=false Jake At 12:58 AM 1/23/2003 +0100, you wrote: Ok, Sorry about the laguage. My Apache version is 2.0.43 and Tomcat 4.1.18. I have a servlets path with the web.xml file with the authentication configuration in this way: security-constraint display-nameExample Security Constraint/display-name web-resource-collection web-resource-nameProtected Area/web-resource-name url-pattern/*/url-pattern http-methodDELETE/http-method http-methodGET/http-method http-methodPOST/http-method http-methodPUT/http-method /web-resource-collection auth-constraint role-nametomcat/role-name /auth-constraint /security-constraint login-config auth-methodBASIC/auth-method realm-nameBASIC Authentication/realm-name /login-config security-role role-nametomcat/role-name /security-role And in my jk2.properties file I have this entry: request.tomcatAuthenticatoin=false. But, tomcat asks me for the login! My users are authenticated throw Apache, and I want to use this logins with my servlets. Thank you Aleix -Mensaje original- De: Ignacio J. Ortega [mailto:[EMAIL PROTECTED]] Enviado el: jueves, 23 de enero de 2003 0:36 Para: 'Tomcat Users List' Asunto: RE: Re[2]: tomcatAuthentication=false and getRemoteUser returning null in recent versions of Tomcat Aleix, Hola Ignacio, He estado probando exactamente lo que vosotrois comentais, pero Tomcat me sigue pidiendo que entre login i password. Alguna idea? No entiendo bien, estas seguro de que quien pide el password es tomcat y no el servidor de http? Un poco de informacion sobre tu configuracion ayudaria un tanto, IIS? Apache? version tomcat? etc etc Y mejor en ingles en adelante.. asi se entera todo el mundo.. Gracias Aleix Saludos, Ignacio J. Ortega -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Re[2]: tomcatAuthentication=false and getRemoteUser returning null in recent versions of Tomcat
Hi, In the mail I wrote incorrectly the tomcatAuthentication sentence, but I wrote it correctly in the jk2.properties file. My authentication in Apache is made throw a users file that can be declared in httpd.conf in Apache. Then in the same file, I have the sentences to connect to Tomcat, and it works fine because I can call all my servlets without problems. Maybe I'm forgetting something. Thank you Aleix -Mensaje original- De: Jacob Kjome [mailto:[EMAIL PROTECTED]] Enviado el: jueves, 23 de enero de 2003 5:24 Para: Tomcat Users List Asunto: RE: Re[2]: tomcatAuthentication=false and getRemoteUser returning null in recent versions of Tomcat Notice that you misspelled tomcatAuthentication. You wrote: request.tomcatAuthenticatoin=false It should be request.tomcatAuthentication=false Jake At 12:58 AM 1/23/2003 +0100, you wrote: Ok, Sorry about the laguage. My Apache version is 2.0.43 and Tomcat 4.1.18. I have a servlets path with the web.xml file with the authentication configuration in this way: security-constraint display-nameExample Security Constraint/display-name web-resource-collection web-resource-nameProtected Area/web-resource-name url-pattern/*/url-pattern http-methodDELETE/http-method http-methodGET/http-method http-methodPOST/http-method http-methodPUT/http-method /web-resource-collection auth-constraint role-nametomcat/role-name /auth-constraint /security-constraint login-config auth-methodBASIC/auth-method realm-nameBASIC Authentication/realm-name /login-config security-role role-nametomcat/role-name /security-role And in my jk2.properties file I have this entry: request.tomcatAuthenticatoin=false. But, tomcat asks me for the login! My users are authenticated throw Apache, and I want to use this logins with my servlets. Thank you Aleix -Mensaje original- De: Ignacio J. Ortega [mailto:[EMAIL PROTECTED]] Enviado el: jueves, 23 de enero de 2003 0:36 Para: 'Tomcat Users List' Asunto: RE: Re[2]: tomcatAuthentication=false and getRemoteUser returning null in recent versions of Tomcat Aleix, Hola Ignacio, He estado probando exactamente lo que vosotrois comentais, pero Tomcat me sigue pidiendo que entre login i password. Alguna idea? No entiendo bien, estas seguro de que quien pide el password es tomcat y no el servidor de http? Un poco de informacion sobre tu configuracion ayudaria un tanto, IIS? Apache? version tomcat? etc etc Y mejor en ingles en adelante.. asi se entera todo el mundo.. Gracias Aleix Saludos, Ignacio J. Ortega -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
