-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Colin,
On 1/13/2010 4:33 PM, cgswtsu78 wrote:
> Thanks for the info below. The problem I have is that the authentication is
> already being done on the apache side as my java/tomcat web application
> lives within an apache perl application. I'm just
You may be able to use the following from HttpServletRequest if
REMOTE_USER is passed to Tomcat:
getRemoteUser
public java.lang.String *getRemoteUser*()
Returns the login of the user making this request, if the user has
been authenticated, or |null| if the user has not been
auth
AyegCfa+RzlKYGTzEGSPO879eAjOYp
> qHwAoIBF4jIjEHmtFpGHuxXOusWIDul4
> =cDfv
> -----END PGP SIGNATURE-
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomc
879eAjOYp
> qHwAoIBF4jIjEHmtFpGHuxXOusWIDul4
> =cDfv
> -END PGP SIGNATURE-
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>
> From: cgswtsu78 [mailto:cg...@proofpoint.com]
> Subject: RE: Best Basic Auth Approach
>
> Is there anyway to configure tomcat to just check the
> httpd flag?
I believe all you need to do is set tomcatAuthentication to false in the AJP
:
http://tomcat.apache.org/tomcat-6.0-doc/
Thanks for the info. Is there anyway to configure tomcat to just check the
httpd flag? If its not set challenge the user if it is set allow access to
the resource?
n828cl wrote:
>
>> From: cgswtsu78 [mailto:cg...@proofpoint.com]
>> Subject: Best Basic Auth Approach
>>
> From: cgswtsu78 [mailto:cg...@proofpoint.com]
> Subject: Best Basic Auth Approach
>
> I've seen some of the tomcat basic auth examples on the web
> and all of them hardcode a user id/password for a role in the
> tomcat-users.xml file.
Stop there, and read the Tomcat do
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Colin,
On 1/13/2010 4:01 PM, cgswtsu78 wrote:
> I'm new to tomcat and apache and I've seen some of the tomcat basic auth
> examples on the web and all of them hardcode a user id/password for a role
> in the tomcat-users.xml file.
Yuck!
> What if the
the tomcat container. What is the best approach when
you have 1000s of userid/pwds that are verified by apache and you need to
make sure that the user is auth'd when they get to the webapp in the tomcat
container?
-Colin
--
View this message in context:
http://old.nabble.com