Rainer Jung wrote:
> On 05.12.2011 10:42, oh...@cox.net wrote:
> >
> > "André Warnier" wrote:
> >> oh...@cox.net wrote:
> >> ...
> >>> Rainer Jung wrote:
> Although this thread has moved forward towards the role topic, I want to
> give some infos about the user forward
On 05.12.2011 10:42, oh...@cox.net wrote:
"André Warnier" wrote:
oh...@cox.net wrote:
...
Rainer Jung wrote:
Although this thread has moved forward towards the role topic, I want to
give some infos about the user forwarding by mod_jk. Some of it was
already present in previous pos
"André Warnier" wrote:
> oh...@cox.net wrote:
> ...
> > Rainer Jung wrote:
> >> Although this thread has moved forward towards the role topic, I want to
> >> give some infos about the user forwarding by mod_jk. Some of it was
> >> already present in previous posts.
> >>
> >> 1) In
oh...@cox.net wrote:
...
Rainer Jung wrote:
Although this thread has moved forward towards the role topic, I want to
give some infos about the user forwarding by mod_jk. Some of it was
already present in previous posts.
1) In order to let Tomcat accept the user, you need to set
tomcatA
Rainer Jung wrote:
> On 02.12.2011 17:49, André Warnier wrote:
> > oh...@cox.net wrote:
> >> oh...@cox.net wrote:
> >>> "André Warnier" wrote:
> oh...@cox.net wrote:
> ...
> > > tomcatAuthentication="false" />
> >
> That is correct. The "false" means t
On 02.12.2011 17:49, André Warnier wrote:
oh...@cox.net wrote:
oh...@cox.net wrote:
"André Warnier" wrote:
oh...@cox.net wrote:
...
That is correct. The "false" means that Tomcat will not do it's own
authentication, and will instead rely on the authenticated user-id
passed by th
oh...@cox.net wrote:
>
> "Caldarale wrote:
> > > From: oh...@cox.net [mailto:oh...@cox.net]
> > > Subject: Re: Do any of the Tomcat LDAP-type realms support "no password"
> > > authentication?
> >
> > > In other words,
oh...@cox.net wrote:
"Caldarale wrote:
From: oh...@cox.net [mailto:oh...@cox.net]
Subject: Re: Do any of the Tomcat LDAP-type realms support "no password" authentication?
In other words, even though my valve code can assert a user
into Tomcat, and even if that same user al
"Caldarale wrote:
> > From: oh...@cox.net [mailto:oh...@cox.net]
> > Subject: Re: Do any of the Tomcat LDAP-type realms support "no password"
> > authentication?
>
> > In other words, even though my valve code can assert a user
> > into T
> From: oh...@cox.net [mailto:oh...@cox.net]
> Subject: Re: Do any of the Tomcat LDAP-type realms support "no password"
> authentication?
> In other words, even though my valve code can assert a user
> into Tomcat, and even if that same user already exists in the
>
> > >
> > > Hi,
> > >
> > > I didn't say anything about it before, but I've been, in parallel with
> > > our discussion, mucking around both the OAM innards and the Apache source
> > > code, as best I can, trying to find out why that internal remote_user
> > > string (it is, I believe, only i
oh...@cox.net wrote:
>
> oh...@cox.net wrote:
> >
> > "André Warnier" wrote:
> > > oh...@cox.net wrote:
> > > > "André Warnier" wrote:
> > > >> oh...@cox.net wrote:
> > > >>> "André Warnier" wrote:
> > > oh...@cox.net wrote:
> > > >> Now let me ask anoth
oh...@cox.net wrote:
>
> "André Warnier" wrote:
> > oh...@cox.net wrote:
> > > "André Warnier" wrote:
> > >> oh...@cox.net wrote:
> > >>> "André Warnier" wrote:
> > oh...@cox.net wrote:
> > >> Now let me ask another question :
> > >> Why do you need to auth
"André Warnier" wrote:
> oh...@cox.net wrote:
> > "André Warnier" wrote:
> >> oh...@cox.net wrote:
> >>> "André Warnier" wrote:
> oh...@cox.net wrote:
> >> Now let me ask another question :
> >> Why do you need to authenticate the user at the Apache level, and pas
oh...@cox.net wrote:
"André Warnier" wrote:
oh...@cox.net wrote:
"André Warnier" wrote:
oh...@cox.net wrote:
Now let me ask another question :
Why do you need to authenticate the user at the Apache level, and pass this user-id to
Tomcat ?
Obviously, from the OAM documentation I s
"André Warnier" wrote:
> oh...@cox.net wrote:
> > "André Warnier" wrote:
> >> oh...@cox.net wrote:
> Now let me ask another question :
> Why do you need to authenticate the user at the Apache level, and pass
> this user-id to
> Tomcat ?
> Obviously, from th
oh...@cox.net wrote:
"André Warnier" wrote:
oh...@cox.net wrote:
Now let me ask another question :
Why do you need to authenticate the user at the Apache level, and pass this user-id to
Tomcat ?
Obviously, from the OAM documentation I scanned, there must exist an OAM module directly
for
"André Warnier" wrote:
> oh...@cox.net wrote:
> >> Now let me ask another question :
> >> Why do you need to authenticate the user at the Apache level, and pass
> >> this user-id to
> >> Tomcat ?
> >> Obviously, from the OAM documentation I scanned, there must exist an OAM
> >> module di
oh...@cox.net wrote:
Now let me ask another question :
Why do you need to authenticate the user at the Apache level, and pass this user-id to
Tomcat ?
Obviously, from the OAM documentation I scanned, there must exist an OAM module directly
for Tomcat, to authenticate users there. Why are you n
> Now let me ask another question :
> Why do you need to authenticate the user at the Apache level, and pass this
> user-id to
> Tomcat ?
> Obviously, from the OAM documentation I scanned, there must exist an OAM
> module directly
> for Tomcat, to authenticate users there. Why are you not usi
oh...@cox.net wrote:
oh...@cox.net wrote:
"André Warnier" wrote:
André Warnier wrote:
oh...@cox.net wrote:
oh...@cox.net wrote:
P.S. I forgot to mention:
As you know, I'd been using a sniffer, to see the data on the
Apache-to-Tomcat connection. I have a sniff from earlier
oh...@cox.net wrote:
>
> "André Warnier" wrote:
> > André Warnier wrote:
> > > oh...@cox.net wrote:
> > >> oh...@cox.net wrote:
> > >>> P.S. I forgot to mention:
> > >>>
> > >>> As you know, I'd been using a sniffer, to see the data on the
> > >>> Apache-to-Tomcat connection.
"André Warnier" wrote:
> André Warnier wrote:
> > oh...@cox.net wrote:
> >> oh...@cox.net wrote:
> >>> P.S. I forgot to mention:
> >>>
> >>> As you know, I'd been using a sniffer, to see the data on the
> >>> Apache-to-Tomcat connection. I have a sniff from earlier, where I
> >>> w
André Warnier wrote:
oh...@cox.net wrote:
oh...@cox.net wrote:
P.S. I forgot to mention:
As you know, I'd been using a sniffer, to see the data on the
Apache-to-Tomcat connection. I have a sniff from earlier, where I
was using "ProxyPass ajp://", and, comparing that sniff vs. a sniff
oh...@cox.net wrote:
oh...@cox.net wrote:
P.S. I forgot to mention:
As you know, I'd been using a sniffer, to see the data on the Apache-to-Tomcat connection. I
have a sniff from earlier, where I was using "ProxyPass ajp://", and, comparing that
sniff vs. a sniff that I have from when
oh...@cox.net wrote:
oh...@cox.net wrote:
"André Warnier" wrote:
oh...@cox.net wrote:
"André Warnier" wrote:
oh...@cox.net wrote:
.. re-synchronising..
I've made some progress. I have a VirtualHost, so I had to add a "JkMountCopy 'on'"
inside the , and now, it's at least
oh...@cox.net wrote:
> P.S. I forgot to mention:
>
> As you know, I'd been using a sniffer, to see the data on the
> Apache-to-Tomcat connection. I have a sniff from earlier, where I was using
> "ProxyPass ajp://", and, comparing that sniff vs. a sniff that I have from
> when I tested
P.S. I forgot to mention:
As you know, I'd been using a sniffer, to see the data on the Apache-to-Tomcat
connection. I have a sniff from earlier, where I was using "ProxyPass ajp://",
and, comparing that sniff vs. a sniff that I have from when I tested with your
suggested , in the latter snif
oh...@cox.net wrote:
>
> "André Warnier" wrote:
> > oh...@cox.net wrote:
> > > "André Warnier" wrote:
> > >> oh...@cox.net wrote:
> > >>
> > >> .. re-synchronising..
> > >>> I've made some progress. I have a VirtualHost, so I had to add a
> > >>> "JkMountCopy 'on'" inside th
"André Warnier" wrote:
> oh...@cox.net wrote:
> > "André Warnier" wrote:
> >> oh...@cox.net wrote:
> >>
> >> .. re-synchronising..
> >>> I've made some progress. I have a VirtualHost, so I had to add a
> >>> "JkMountCopy 'on'" inside the , and now, it's at least
> >>> proxying thr
oh...@cox.net wrote:
"André Warnier" wrote:
oh...@cox.net wrote:
.. re-synchronising..
I've made some progress. I have a VirtualHost, so I had to add a "JkMountCopy 'on'"
inside the , and now, it's at least proxying through to the Tomcat using
mod_jk!!
BUT, it's still not logging me
"André Warnier" wrote:
> oh...@cox.net wrote:
>
> .. re-synchronising..
> >
> > I've made some progress. I have a VirtualHost, so I had to add a
> > "JkMountCopy 'on'" inside the , and now, it's at least
> > proxying through to the Tomcat using mod_jk!!
> >
> > BUT, it's still not log
oh...@cox.net wrote:
.. re-synchronising..
I've made some progress. I have a VirtualHost, so I had to add a "JkMountCopy 'on'"
inside the , and now, it's at least proxying through to the Tomcat using
mod_jk!!
BUT, it's still not logging me into the Tomcat :(...
I don't want to post the ent
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jim,
On 12/2/11 2:08 PM, oh...@cox.net wrote:
> Christopher Schultz wrote:
>>
>> See
>> http://tomcat.apache.org/connectors-doc/reference/apache.html.
>> Specifically, the JkRemoteUserIndicator directive which allows
>> you to override the env
oh...@cox.net wrote:
Christopher Schultz wrote:
Chris, you managed to confuse the guy..
...
To be clear, in the discussion before now, I was just using mod_ajp
and that was a perfectly valid way to connect Apache to Tomcat.
...
I'm now in the process of trying to switch my Apach
oh...@cox.net wrote:
>
> Christopher Schultz wrote:
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA1
> >
> > Jim,
> >
> > On 12/2/11 11:26 AM, oh...@cox.net wrote:
> > > Sure. Here's the section from httpd.conf. This is testing where I
> > > purposely insert a "REMOTE_USER" H
Christopher Schultz wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Jim,
>
> On 12/2/11 11:26 AM, oh...@cox.net wrote:
> > Sure. Here's the section from httpd.conf. This is testing where I
> > purposely insert a "REMOTE_USER" HTTP header into the request
> > being proxied. A
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jim,
On 12/2/11 11:26 AM, oh...@cox.net wrote:
> Sure. Here's the section from httpd.conf. This is testing where I
> purposely insert a "REMOTE_USER" HTTP header into the request
> being proxied. As I said, I have a sniffer on the line, and I can
> s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/1/11 11:29 PM, oh...@cox.net wrote:
> Also, BTW, I just did a test where, in the Apache httpd.conf, I
> hard-coded REMOTE_USER header using RequestHeader.
>
> In my sniffer, I can see the REMOTE_USER set to the hard-coded
> string, but in my
"André Warnier" wrote:
> oh...@cox.net wrote:
> > oh...@cox.net wrote:
> >> "André Warnier" wrote:
> >>> oh...@cox.net wrote:
> >>> ...
> tomcatAuthentication="false" />
>
> >>> That is correct. The "false" means that Tomcat will not do it's own
> >>> authe
oh...@cox.net wrote:
oh...@cox.net wrote:
"André Warnier" wrote:
oh...@cox.net wrote:
...
That is correct. The "false" means that Tomcat will not do it's own authentication, and
will instead rely on the authenticated user-id passed by the front-end server.
Now could you als
oh...@cox.net wrote:
>
> "André Warnier" wrote:
> > oh...@cox.net wrote:
> > >
> > ...
> > >
> > > > > tomcatAuthentication="false" />
> > >
> > That is correct. The "false" means that Tomcat will not do it's own
> > authentication, and
> > will instead rely on the authenti
"André Warnier" wrote:
> oh...@cox.net wrote:
> >
> ...
> >
> > > tomcatAuthentication="false" />
> >
> That is correct. The "false" means that Tomcat will not do it's own
> authentication, and
> will instead rely on the authenticated user-id passed by the front-end server.
>
> N
oh...@cox.net wrote:
...
That is correct. The "false" means that Tomcat will not do it's own authentication, and
will instead rely on the authenticated user-id passed by the front-end server.
Now could you also show us the section of your Apache front-end configuration, containing
t
"Caldarale wrote:
> > From: oh...@cox.net [mailto:oh...@cox.net]
> > Subject: Re: Do any of the Tomcat LDAP-type realms support "no password"
> > authentication?
>
> > In my sniffer, I can see the REMOTE_USER set to the hard-coded
>
> From: oh...@cox.net [mailto:oh...@cox.net]
> Subject: Re: Do any of the Tomcat LDAP-type realms support "no password"
> authentication?
> In my sniffer, I can see the REMOTE_USER set to the hard-coded
> string, but in my test JSP on Tomcat, there getUserPrincipal()
&
oh...@cox.net wrote:
>
> oh...@cox.net wrote:
> >
> > "André Warnier" wrote:
> > > oh...@cox.net wrote:
> > > > "André Warnier" wrote:
> > > >> oh...@cox.net wrote:
> > > >>> Hi,
> > > >>>
> > > >>> I'm new here, and hope that someone can help.
> > > >>>
> > > >>> I was
oh...@cox.net wrote:
>
> "André Warnier" wrote:
> > oh...@cox.net wrote:
> > > "André Warnier" wrote:
> > >> oh...@cox.net wrote:
> > >>> Hi,
> > >>>
> > >>> I'm new here, and hope that someone can help.
> > >>>
> > >>> I was wondering if any of the LDAP-type realms (e.g., JND
Mark Thomas wrote:
> On 01/12/2011 18:17, oh...@cox.net wrote:
> > Having said all of that, I guess that my question has changed
> > somewhat. Specifically, now I'm wondering: With what I described
> > above, and with my valve as described above, does the asserted user
> > NOT have to be
"André Warnier" wrote:
> oh...@cox.net wrote:
> > "André Warnier" wrote:
> >> oh...@cox.net wrote:
> >>> Hi,
> >>>
> >>> I'm new here, and hope that someone can help.
> >>>
> >>> I was wondering if any of the LDAP-type realms (e.g., JNDIRealm, etc.)
> >>> support an authentication m
oh...@cox.net wrote:
"André Warnier" wrote:
oh...@cox.net wrote:
Hi,
I'm new here, and hope that someone can help.
I was wondering if any of the LDAP-type realms (e.g., JNDIRealm, etc.) support
an authentication mode where no password or credentials are required? In other
words, wher
On 01/12/2011 18:17, oh...@cox.net wrote:
> Having said all of that, I guess that my question has changed
> somewhat. Specifically, now I'm wondering: With what I described
> above, and with my valve as described above, does the asserted user
> NOT have to be in the Tomcat realm at all?
Correct.
"André Warnier" wrote:
> oh...@cox.net wrote:
> > Hi,
> >
> > I'm new here, and hope that someone can help.
> >
> > I was wondering if any of the LDAP-type realms (e.g., JNDIRealm, etc.)
> > support an authentication mode where no password or credentials are
> > required? In other word
> I was wondering if any of the LDAP-type realms (e.g., JNDIRealm, etc.)
> support an authentication mode where no password or credentials are required?
It's hard to imagine a valid use case for this -- I hope you know what
you're doing. That said, you could use JAASRealm with
http://code.google
oh...@cox.net wrote:
Hi,
I'm new here, and hope that someone can help.
I was wondering if any of the LDAP-type realms (e.g., JNDIRealm, etc.) support
an authentication mode where no password or credentials are required? In other
words, where just a userID/username is presented, and if that u
Hi,
I'm new here, and hope that someone can help.
I was wondering if any of the LDAP-type realms (e.g., JNDIRealm, etc.) support
an authentication mode where no password or credentials are required? In other
words, where just a userID/username is presented, and if that userID/username
is pres
56 matches
Mail list logo
