I've got a java application that we'd like to protect with cosign. We'd
really prefer to put it behind apache httpd + mod_proxy (mod_ajp_proxy).
We need access to some of the environment variables set by mod_cosign
(specifically KRB5CCNAME). mod_ajp_proxy will make any environment
variable prefixed with AJP_ available to the tomcat environment.
I'd prefer to not have to build custom versions of mod_cosign, mod_rewrite
or mod_ajp_proxy if I can avoid it.
Some googling pointed me at..
http://www.opencms-wiki.org/wiki/MultiSite_configuration_instructions_(apache_%2B_mod_jk_or_mod_proxy_ajp)
which suggests..
while for mod_proxy_ajp, you have to use mod_rewrite to prepend AJP_ prefix
to variables that you want to send:
<IfModule mod_proxy_ajp.c>
RewriteRule .* - [E=AJP_SSL_CLIENT_S_DN:%{SSL:SSL_CLIENT_S_DN}]
</IfModule>
The mod_rewrite docs suggest that I* *have access to various groups of
environment variables.. but the ones I'm interested in are not in their
list of blessed variables. The docs suggest that I *might* be able to get
to them using the ENV or LA-U namespaces...
http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html#EnvVar
...but I haven't had any success in getting them set *and* populated.
Any ideas?
Liam
------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_feb
_______________________________________________
Cosign-discuss mailing list
Cosign-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cosign-discuss
