On 02.12.2011 17:49, André Warnier wrote:
oh...@cox.net wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
...
Connector port=8009 protocol=AJP/1.3 redirectPort=8443
tomcatAuthentication=false /
That is correct. The false means that Tomcat will
Rainer Jung rainer.j...@kippdata.de wrote:
On 02.12.2011 17:49, André Warnier wrote:
oh...@cox.net wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
...
Connector port=8009 protocol=AJP/1.3 redirectPort=8443
oh...@cox.net wrote:
...
Rainer Jung rainer.j...@kippdata.de wrote:
Although this thread has moved forward towards the role topic, I want to
give some infos about the user forwarding by mod_jk. Some of it was
already present in previous posts.
1) In order to let Tomcat accept the user,
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
...
Rainer Jung rainer.j...@kippdata.de wrote:
Although this thread has moved forward towards the role topic, I want to
give some infos about the user forwarding by mod_jk. Some of it was
already present in previous
On 05.12.2011 10:42, oh...@cox.net wrote:
André Warniera...@ice-sa.com wrote:
oh...@cox.net wrote:
...
Rainer Jungrainer.j...@kippdata.de wrote:
Although this thread has moved forward towards the role topic, I want to
give some infos about the user forwarding by mod_jk. Some of
Rainer Jung rainer.j...@kippdata.de wrote:
On 05.12.2011 10:42, oh...@cox.net wrote:
André Warniera...@ice-sa.com wrote:
oh...@cox.net wrote:
...
Rainer Jungrainer.j...@kippdata.de wrote:
Although this thread has moved forward towards the role topic, I want to
oh...@cox.net wrote:
Caldarale wrote:
From: oh...@cox.net [mailto:oh...@cox.net]
Subject: Re: Do any of the Tomcat LDAP-type realms support no password
authentication?
In other words, even though my valve code can assert a user
into Tomcat, and even
oh...@cox.net wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
.. re-synchronising..
I've made some progress. I have a VirtualHost, so I had to add a JkMountCopy 'on'
inside the
oh...@cox.net wrote:
oh...@cox.net wrote:
P.S. I forgot to mention:
As you know, I'd been using a sniffer, to see the data on the Apache-to-Tomcat connection. I
have a sniff from earlier, where I was using ProxyPass ajp://, and, comparing that
sniff vs. a sniff that I have from when I
André Warnier wrote:
oh...@cox.net wrote:
oh...@cox.net wrote:
P.S. I forgot to mention:
As you know, I'd been using a sniffer, to see the data on the
Apache-to-Tomcat connection. I have a sniff from earlier, where I
was using ProxyPass ajp://, and, comparing that sniff vs. a sniff
André Warnier a...@ice-sa.com wrote:
André Warnier wrote:
oh...@cox.net wrote:
oh...@cox.net wrote:
P.S. I forgot to mention:
As you know, I'd been using a sniffer, to see the data on the
Apache-to-Tomcat connection. I have a sniff from earlier, where I
was using
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
André Warnier wrote:
oh...@cox.net wrote:
oh...@cox.net wrote:
P.S. I forgot to mention:
As you know, I'd been using a sniffer, to see the data on the
Apache-to-Tomcat connection. I have a sniff
oh...@cox.net wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
André Warnier wrote:
oh...@cox.net wrote:
oh...@cox.net wrote:
P.S. I forgot to mention:
As you know, I'd been using a sniffer, to see the data on the
Apache-to-Tomcat connection. I have a
Now let me ask another question :
Why do you need to authenticate the user at the Apache level, and pass this
user-id to
Tomcat ?
Obviously, from the OAM documentation I scanned, there must exist an OAM
module directly
for Tomcat, to authenticate users there. Why are you not using
oh...@cox.net wrote:
Now let me ask another question :
Why do you need to authenticate the user at the Apache level, and pass this user-id to
Tomcat ?
Obviously, from the OAM documentation I scanned, there must exist an OAM module directly
for Tomcat, to authenticate users there. Why are you
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
Now let me ask another question :
Why do you need to authenticate the user at the Apache level, and pass
this user-id to
Tomcat ?
Obviously, from the OAM documentation I scanned, there must exist an OAM
module
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
Now let me ask another question :
Why do you need to authenticate the user at the Apache level, and pass this user-id to
Tomcat ?
Obviously, from the OAM documentation I scanned, there must exist an OAM module
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
Now let me ask another question :
Why do you need to authenticate the user at the Apache level, and pass
this user-id to
Tomcat ?
Obviously, from the
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
Now let me ask another question :
Why do you need to authenticate the user at the Apache level, and pass this user-id to
Tomcat ?
Obviously,
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
Now let me ask another question :
Why do you need to authenticate the user at the Apache
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
Now let me ask another question :
Why do you need to
oh...@cox.net wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
Now let me ask
Hi,
I didn't say anything about it before, but I've been, in parallel with
our discussion, mucking around both the OAM innards and the Apache source
code, as best I can, trying to find out why that internal remote_user
string (it is, I believe, only internal to Apache),
From: oh...@cox.net [mailto:oh...@cox.net]
Subject: Re: Do any of the Tomcat LDAP-type realms support no password
authentication?
In other words, even though my valve code can assert a user
into Tomcat, and even if that same user already exists in the
Tomcat realm, the asserted user
Caldarale wrote:
From: oh...@cox.net [mailto:oh...@cox.net]
Subject: Re: Do any of the Tomcat LDAP-type realms support no password
authentication?
In other words, even though my valve code can assert a user
into Tomcat, and even if that same user already exists
oh...@cox.net wrote:
...
Connector port=8009 protocol=AJP/1.3 redirectPort=8443
tomcatAuthentication=false /
That is correct. The false means that Tomcat will not do it's own authentication, and
will instead rely on the authenticated user-id passed by the front-end server.
Now could
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
...
Connector port=8009 protocol=AJP/1.3 redirectPort=8443
tomcatAuthentication=false /
That is correct. The false means that Tomcat will not do it's own
authentication, and
will instead rely on the
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
...
Connector port=8009 protocol=AJP/1.3 redirectPort=8443
tomcatAuthentication=false /
That is correct. The false means that Tomcat will not do it's own
authentication,
oh...@cox.net wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
...
Connector port=8009 protocol=AJP/1.3 redirectPort=8443
tomcatAuthentication=false /
That is correct. The false means that Tomcat will not do it's own authentication, and
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
...
Connector port=8009 protocol=AJP/1.3 redirectPort=8443
tomcatAuthentication=false /
That is correct. The false means
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/1/11 11:29 PM, oh...@cox.net wrote:
Also, BTW, I just did a test where, in the Apache httpd.conf, I
hard-coded REMOTE_USER header using RequestHeader.
In my sniffer, I can see the REMOTE_USER set to the hard-coded
string, but in my
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jim,
On 12/2/11 11:26 AM, oh...@cox.net wrote:
Sure. Here's the section from httpd.conf. This is testing where I
purposely insert a REMOTE_USER HTTP header into the request
being proxied. As I said, I have a sniffer on the line, and I can
see
Christopher Schultz ch...@christopherschultz.net wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jim,
On 12/2/11 11:26 AM, oh...@cox.net wrote:
Sure. Here's the section from httpd.conf. This is testing where I
purposely insert a REMOTE_USER HTTP header into the request
oh...@cox.net wrote:
Christopher Schultz ch...@christopherschultz.net wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jim,
On 12/2/11 11:26 AM, oh...@cox.net wrote:
Sure. Here's the section from httpd.conf. This is testing where I
purposely insert a
oh...@cox.net wrote:
Christopher Schultz ch...@christopherschultz.net wrote:
Chris, you managed to confuse the guy..
...
To be clear, in the discussion before now, I was just using mod_ajp
and that was a perfectly valid way to connect Apache to Tomcat.
...
I'm now in the process
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jim,
On 12/2/11 2:08 PM, oh...@cox.net wrote:
Christopher Schultz ch...@christopherschultz.net wrote:
See
http://tomcat.apache.org/connectors-doc/reference/apache.html.
Specifically, the JkRemoteUserIndicator directive which allows
you
oh...@cox.net wrote:
.. re-synchronising..
I've made some progress. I have a VirtualHost, so I had to add a JkMountCopy 'on'
inside the VirtualHost, and now, it's at least proxying through to the Tomcat using
mod_jk!!
BUT, it's still not logging me into the Tomcat :(...
I don't want to
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
.. re-synchronising..
I've made some progress. I have a VirtualHost, so I had to add a
JkMountCopy 'on' inside the VirtualHost, and now, it's at least
proxying through to the Tomcat using mod_jk!!
BUT, it's still
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
.. re-synchronising..
I've made some progress. I have a VirtualHost, so I had to add a JkMountCopy 'on'
inside the VirtualHost, and now, it's at least proxying through to the Tomcat using
mod_jk!!
BUT,
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
.. re-synchronising..
I've made some progress. I have a VirtualHost, so I had to add a
JkMountCopy 'on' inside the VirtualHost, and now, it's at least
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
.. re-synchronising..
I've made some progress. I have a VirtualHost, so I had to add a
JkMountCopy 'on' inside the
P.S. I forgot to mention:
As you know, I'd been using a sniffer, to see the data on the Apache-to-Tomcat
connection. I have a sniff from earlier, where I was using ProxyPass ajp://,
and, comparing that sniff vs. a sniff that I have from when I tested with your
suggested Location, in the
oh...@cox.net wrote:
P.S. I forgot to mention:
As you know, I'd been using a sniffer, to see the data on the
Apache-to-Tomcat connection. I have a sniff from earlier, where I was using
ProxyPass ajp://, and, comparing that sniff vs. a sniff that I have from
when I tested with
oh...@cox.net wrote:
Hi,
I'm new here, and hope that someone can help.
I was wondering if any of the LDAP-type realms (e.g., JNDIRealm, etc.) support
an authentication mode where no password or credentials are required? In other
words, where just a userID/username is presented, and if that
I was wondering if any of the LDAP-type realms (e.g., JNDIRealm, etc.)
support an authentication mode where no password or credentials are required?
It's hard to imagine a valid use case for this -- I hope you know what
you're doing. That said, you could use JAASRealm with
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
Hi,
I'm new here, and hope that someone can help.
I was wondering if any of the LDAP-type realms (e.g., JNDIRealm, etc.)
support an authentication mode where no password or credentials are
required? In other
On 01/12/2011 18:17, oh...@cox.net wrote:
Having said all of that, I guess that my question has changed
somewhat. Specifically, now I'm wondering: With what I described
above, and with my valve as described above, does the asserted user
NOT have to be in the Tomcat realm at all?
Correct. If
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
Hi,
I'm new here, and hope that someone can help.
I was wondering if any of the LDAP-type realms (e.g., JNDIRealm, etc.) support
an authentication mode where no password or credentials are required? In
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
Hi,
I'm new here, and hope that someone can help.
I was wondering if any of the LDAP-type realms (e.g., JNDIRealm, etc.)
support an authentication mode
Mark Thomas ma...@apache.org wrote:
On 01/12/2011 18:17, oh...@cox.net wrote:
Having said all of that, I guess that my question has changed
somewhat. Specifically, now I'm wondering: With what I described
above, and with my valve as described above, does the asserted user
NOT
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
Hi,
I'm new here, and hope that someone can help.
I was wondering if any of the LDAP-type realms (e.g., JNDIRealm,
oh...@cox.net wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
Hi,
I'm new here, and hope that someone can help.
I was wondering if any of
From: oh...@cox.net [mailto:oh...@cox.net]
Subject: Re: Do any of the Tomcat LDAP-type realms support no password
authentication?
In my sniffer, I can see the REMOTE_USER set to the hard-coded
string, but in my test JSP on Tomcat, there getUserPrincipal()
is returning null. I've tried
Caldarale wrote:
From: oh...@cox.net [mailto:oh...@cox.net]
Subject: Re: Do any of the Tomcat LDAP-type realms support no password
authentication?
In my sniffer, I can see the REMOTE_USER set to the hard-coded
string, but in my test JSP on Tomcat, there getUserPrincipal
Hi,
I'm new here, and hope that someone can help.
I was wondering if any of the LDAP-type realms (e.g., JNDIRealm, etc.) support
an authentication mode where no password or credentials are required? In other
words, where just a userID/username is presented, and if that userID/username
is
55 matches
Mail list logo