RE: Basic user/passwd dialog authentication for servlet zones ?

Brett Knights Thu, 11 Nov 1999 07:58:44 -0800
----------------------------------------------------------------
BEFORE YOU POST, search the faq at <http://java.apache.org/faq/>
WHEN YOU POST, include all relevant version numbers, log files,
and configuration files.  Don't make us guess your problem!!!
----------------------------------------------------------------

Use the <LOCATION> tags . Check the FAQ or the Apache web site

***********************************************************
Brett Knights                             626-432-5767 work
[EMAIL PROTECTED]                 626-355-1017 home 
***********************************************************


> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of
> [EMAIL PROTECTED]
> Sent: Thursday, November 11, 1999 1:30 AM
> To: [EMAIL PROTECTED]
> Subject: Basic user/passwd dialog authentication for servlet zones ?
> 
> 
> ----------------------------------------------------------------
> BEFORE YOU POST, search the faq at <http://java.apache.org/faq/>
> WHEN YOU POST, include all relevant version numbers, log files,
> and configuration files.  Don't make us guess your problem!!!
> ----------------------------------------------------------------
> 
> Hi, 
> 
> I'd like to use the basic user/passwd dialog 
> authentication for servlet directories, as I would for a CGI Script.
> I'm having a hard time doing this using <Directory> and <Limit> in
> httpd.conf, access.conf ....
> Can access to servlet directories _not_ 
> be controlled using the usual Apache directives (<Directory>, 
> <Limit> )
> or am I missing something ? Should the Directory tag then 
> refer to the 
> absolute or relative directory path of the servlet directory, 
> the mount point or possibly the zone ?
> 
> Since there is a CGI-style getRemoteUser() function on the API, 
> one could make the (false) assumption that servlet dirs could 
> be configured 
> in a manner similar to HTML or CGI dirs ?  Now the func 
> returns an empty
> string, 
> should it BTW return null according to the API spec, 
> if no authentication has been or even can be made ?
> 
> In the JServ manual, I only found stuff on secure keys and IP 
> screening -
> should I look closer ?  Security is not (yet) really an issue 
> here, only
> subscriber 
> identification, which could, of course, easily be implemented 
> using servlets
> & JavaScript,
> but why code such basic things yourself... :)
> 
> My system configuration is:
> - Linux Debian 2.1, kernel v2.2.10
> - Apache 1.3.9 w/ all default options incl. CGI & setenvif, 
> DSO enabled
> - jsdk 2.0
> - Blackdown JDK-port v1.2
> - here's a diff of the relevant files compared to the defaults, 
> w/ comments stripped and hostnames changed (apache otherwise 
> works OK, incl.
> CGI)
> 
> ### diff httpd.conf.default httpd.conf
> 32a33
> > LoadModule jserv_module libexec/mod_jserv.so
> 39,40c40,41
> < User nobody
> < Group nogroup
> ---
> > User www
> > Group wwwdev
> 42c43
> < ServerAdmin root@myhost
> ---
> > ServerAdmin www@myhost
> 43a45,47
> > ServerName myhost
> > 
> > DocumentRoot "/var/www" 
> 45d48
> < DocumentRoot "/usr/local/apache/htdocs"
> 48,49c51,69
> <     Options FollowSymLinks
> <     AllowOverride None
> ---
> > 
> >  Options All
> >  AuthType Basic
> >  AuthUserFile /etc/apache/.htpasswd
> >  AuthGroupFile /etc/apache/.htgroup
> > 
> > AllowOverride All
> > 
> > AuthName "employee"
> > <Limit GET>
> > order allow,deny
> > allow from foohost barhost secrethost
> > require group emps
> > </Limit>> 
> 50a71
> > <Directory /var/www/mlu/wwwint/servlet>
> 51a73,91
> >  Options Indexes FollowSymLinks
> >  AuthType Basic
> >  AuthUserFile /etc/apache/.htpasswd
> >  AuthGroupFile /etc/apache/.htgroup
> > 
> > AllowOverride All
> > 
> > AuthName "employee"
> > <Limit GET>
> > order allow,deny
> > allow from foohost barhost secrethost
> > require group emps
> > </Limit>
> > 
> > </Directory>
> 86c126
> < HostnameLookups Off
> ---
> > HostnameLookups On
> 112d151
> < ScriptAlias /cgi-bin/ "/usr/local/apache/cgi-bin/"
> 114c153,155
> < <Directory "/usr/local/apache/cgi-bin">
> ---
> > ScriptAlias /cgi-bin /var/www/cgi-bin
> > 
> > <Directory "/var/www/cgi-bin">
> 116c157
> <     Options None
> ---
> >     Options All
> 202a244
> > Include /usr/local/apache/conf/jserv/jserv.conf
> 
> ######### diff jserv.conf.default jserv.conf
> 
> ######### diff jserv.properties.default jserv.properties
> 
> ######### diff zone.properties.default zone.properties
> 5c5
> < repositories=/usr/local/apache/servlets
> ---
> > repositories=/var/www/mlu/wwwint/servlet
> 
> 
> 
> /Markku Luotamo
> 
> 
> --
> --------------------------------------------------------------
> Please read the FAQ! <http://java.apache.org/faq/>
> To subscribe:        [EMAIL PROTECTED]
> To unsubscribe:      [EMAIL PROTECTED]
> Archives and Other:  <http://java.apache.org/main/mail.html>
> Problems?:           [EMAIL PROTECTED]
> 


--
--------------------------------------------------------------
Please read the FAQ! <http://java.apache.org/faq/>
To subscribe:        [EMAIL PROTECTED]
To unsubscribe:      [EMAIL PROTECTED]
Archives and Other:  <http://java.apache.org/main/mail.html>
Problems?:           [EMAIL PROTECTED]
RE: Basic user/passwd dialog authentication for servlet zones ?

Reply via email to
