Re: Best Basic Auth Approach

2010-01-15 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Colin, On 1/13/2010 4:33 PM, cgswtsu78 wrote: > Thanks for the info below. The problem I have is that the authentication is > already being done on the apache side as my java/tomcat web application > lives within an apache perl application. I'm just

Re: Best Basic Auth Approach

2010-01-13 Thread Terence M. Bandoian
You may be able to use the following from HttpServletRequest if REMOTE_USER is passed to Tomcat: getRemoteUser public java.lang.String *getRemoteUser*() Returns the login of the user making this request, if the user has been authenticated, or |null| if the user has not been auth

RE: Best Basic Auth Approach

2010-01-13 Thread Joseph Morgan
AyegCfa+RzlKYGTzEGSPO879eAjOYp > qHwAoIBF4jIjEHmtFpGHuxXOusWIDul4 > =cDfv > -----END PGP SIGNATURE- > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomc

Re: Best Basic Auth Approach

2010-01-13 Thread cgswtsu78
879eAjOYp > qHwAoIBF4jIjEHmtFpGHuxXOusWIDul4 > =cDfv > -END PGP SIGNATURE- > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >

RE: Best Basic Auth Approach

2010-01-13 Thread Caldarale, Charles R
> From: cgswtsu78 [mailto:cg...@proofpoint.com] > Subject: RE: Best Basic Auth Approach > > Is there anyway to configure tomcat to just check the > httpd flag? I believe all you need to do is set tomcatAuthentication to false in the AJP : http://tomcat.apache.org/tomcat-6.0-doc/

RE: Best Basic Auth Approach

2010-01-13 Thread cgswtsu78
Thanks for the info. Is there anyway to configure tomcat to just check the httpd flag? If its not set challenge the user if it is set allow access to the resource? n828cl wrote: > >> From: cgswtsu78 [mailto:cg...@proofpoint.com] >> Subject: Best Basic Auth Approach >>

RE: Best Basic Auth Approach

2010-01-13 Thread Caldarale, Charles R
> From: cgswtsu78 [mailto:cg...@proofpoint.com] > Subject: Best Basic Auth Approach > > I've seen some of the tomcat basic auth examples on the web > and all of them hardcode a user id/password for a role in the > tomcat-users.xml file. Stop there, and read the Tomcat do

Re: Best Basic Auth Approach

2010-01-13 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Colin, On 1/13/2010 4:01 PM, cgswtsu78 wrote: > I'm new to tomcat and apache and I've seen some of the tomcat basic auth > examples on the web and all of them hardcode a user id/password for a role > in the tomcat-users.xml file. Yuck! > What if the

Best Basic Auth Approach

2010-01-13 Thread cgswtsu78
the tomcat container. What is the best approach when you have 1000s of userid/pwds that are verified by apache and you need to make sure that the user is auth'd when they get to the webapp in the tomcat container? -Colin -- View this message in context: http://old.nabble.com