Re: two questions
On Fri, 2003-11-21 at 16:00, Kumar, Sumit wrote: I am trying to use authentication of a product, that uses Basic authentication using JAAS. It stores data in database using SHA-1 encryption and uses Tomcat as servlet engine. Not in any of the web.xml of several webapps deployed do they specify to use Basic authentication. I am wondering Tomcat supports basic, form, client-cert, and digest authentication. Unfortunately digest suffers the same security issues as basic authentication, is not supported by most browsers, and is not required by the servlet spec... so I wouldn't recommend you use it. If client-cert authentication is not an option then go for basic or form auth and assign a transport-guarantee to ensure the authentication happens over secure channels (SSL). (Not sure how transport-guarantee works w/ alternate front-end via mod_jk and such but similar steps can be taken with Apache or IIS) is there any other place also where you can specify the login-config and realm-name besides web.xml. or any other suggestions to go abt it. Nope, not for container managed authentication with Tomcat. -sumit - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: make error of mod-jk2 in Redhat Linux
go to ${apache2.home}/lib and link libapr-0.so to libapr.so and try again... this hint shamelessly lifted from: http://www.pubbitch.org/jboss/mod_jk2.html On Fri, 2003-11-21 at 16:01, Asif Chowdhary wrote: After running the ./configure --with-apxs2=/usr/sbin/apxs I run the make command I get this error. Please Help /usr/bin/ld: cannot find -lapr-0 collect2: ld returned 1 exit status make[1]: *** [../../../build/jk2/apache2/jkjni.la] Error 1 make[1]: Leaving directory `/home/asifc/jakarta-tomcat-connectors-jk2-2.0.2-src/jk/native2/server/apache2' make: *** [jk2-build] Error 1 mailto:[EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat + Apache + SSL
You can use mod_rewrite in Apache. It's been a while but I believe something such as this in your httpd.conf should do the trick: RewriteEngine On RewriteRule ^/securecontext(.*) https://servername/securecontext$1 [R] I may be off a bit, so check the docs at: http://httpd.apache.org/docs/mod/mod_rewrite.html or this helpful guide: http://www.engelschall.com/pw/apache/rewriteguide/ On Tue, 2003-09-23 at 12:04, Robert D. Abernethy IV wrote: I have apache set up to redirect requests for a specific context to Tomcat. I am curious if there is a way to force all requests to that context to be redirected through SSL. http://servername/securecontext -- https://servername/sercurecontext http://servername/everythingelse -- http://servername/everythingelse Is this something I set up in workers2.properties or httpd.conf? Can anyone point me at a decent tutorial? Thanks. Rob Abernethy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Sean Bruton [EMAIL PROTECTED] Senior Engineer Network Services NeoSpire, Inc.www.neospire.net - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]