----------------------------------------------------------------
BEFORE YOU POST, search the faq at <http://java.apache.org/faq/>
WHEN YOU POST, include all relevant version numbers, log files,
and configuration files. Don't make us guess your problem!!!
----------------------------------------------------------------
Hi,
I'd like to use the basic user/passwd dialog
authentication for servlet directories, as I would for a CGI Script.
I'm having a hard time doing this using <Directory> and <Limit> in
httpd.conf, access.conf ....
Can access to servlet directories _not_
be controlled using the usual Apache directives (<Directory>, <Limit> )
or am I missing something ? Should the Directory tag then refer to the
absolute or relative directory path of the servlet directory,
the mount point or possibly the zone ?
Since there is a CGI-style getRemoteUser() function on the API,
one could make the (false) assumption that servlet dirs could be configured
in a manner similar to HTML or CGI dirs ? Now the func returns an empty
string,
should it BTW return null according to the API spec,
if no authentication has been or even can be made ?
In the JServ manual, I only found stuff on secure keys and IP screening -
should I look closer ? Security is not (yet) really an issue here, only
subscriber
identification, which could, of course, easily be implemented using servlets
& JavaScript,
but why code such basic things yourself... :)
My system configuration is:
- Linux Debian 2.1, kernel v2.2.10
- Apache 1.3.9 w/ all default options incl. CGI & setenvif, DSO enabled
- jsdk 2.0
- Blackdown JDK-port v1.2
- here's a diff of the relevant files compared to the defaults,
w/ comments stripped and hostnames changed (apache otherwise works OK, incl.
CGI)
### diff httpd.conf.default httpd.conf
32a33
> LoadModule jserv_module libexec/mod_jserv.so
39,40c40,41
< User nobody
< Group nogroup
---
> User www
> Group wwwdev
42c43
< ServerAdmin root@myhost
---
> ServerAdmin www@myhost
43a45,47
> ServerName myhost
>
> DocumentRoot "/var/www"
45d48
< DocumentRoot "/usr/local/apache/htdocs"
48,49c51,69
< Options FollowSymLinks
< AllowOverride None
---
>
> Options All
> AuthType Basic
> AuthUserFile /etc/apache/.htpasswd
> AuthGroupFile /etc/apache/.htgroup
>
> AllowOverride All
>
> AuthName "employee"
> <Limit GET>
> order allow,deny
> allow from foohost barhost secrethost
> require group emps
> </Limit>>
50a71
> <Directory /var/www/mlu/wwwint/servlet>
51a73,91
> Options Indexes FollowSymLinks
> AuthType Basic
> AuthUserFile /etc/apache/.htpasswd
> AuthGroupFile /etc/apache/.htgroup
>
> AllowOverride All
>
> AuthName "employee"
> <Limit GET>
> order allow,deny
> allow from foohost barhost secrethost
> require group emps
> </Limit>
>
> </Directory>
86c126
< HostnameLookups Off
---
> HostnameLookups On
112d151
< ScriptAlias /cgi-bin/ "/usr/local/apache/cgi-bin/"
114c153,155
< <Directory "/usr/local/apache/cgi-bin">
---
> ScriptAlias /cgi-bin /var/www/cgi-bin
>
> <Directory "/var/www/cgi-bin">
116c157
< Options None
---
> Options All
202a244
> Include /usr/local/apache/conf/jserv/jserv.conf
######### diff jserv.conf.default jserv.conf
######### diff jserv.properties.default jserv.properties
######### diff zone.properties.default zone.properties
5c5
< repositories=/usr/local/apache/servlets
---
> repositories=/var/www/mlu/wwwint/servlet
/Markku Luotamo
--
--------------------------------------------------------------
Please read the FAQ! <http://java.apache.org/faq/>
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Archives and Other: <http://java.apache.org/main/mail.html>
Problems?: [EMAIL PROTECTED]
