HELP -- need to get Basic Authentication working (.htaccess) with Apache/Tomcat 5 to prevent access
I need to figure out a way to 'gate' access in a broad sense to the overall website on a test server. The site is all JSP, using Apache and Tomcat, but .htaccess doesn't work, as it appears that Apache hands off to Tomcat prior to doing the .htaccess check. Does anyone have a solution to this? This is only for a test server, so general access is limited. So I just want users upon first accessing the site to have to enter a username/password as a basic authentication to view the site... I need to get this done quickly, if it's possible. thanks, Kim :-)
Re: HELP -- need to get Basic Authentication working (.htaccess) with Apache/Tomcat 5 to prevent access
http://www.apache-ssl.org/ M-- - Original Message - From: Kim Albee [EMAIL PROTECTED] To: Tomcat Users List users@tomcat.apache.org Sent: Wednesday, September 19, 2007 2:22 PM Subject: HELP -- need to get Basic Authentication working (.htaccess) with Apache/Tomcat 5 to prevent access I need to figure out a way to 'gate' access in a broad sense to the overall website on a test server. The site is all JSP, using Apache and Tomcat, but .htaccess doesn't work, as it appears that Apache hands off to Tomcat prior to doing the .htaccess check. Does anyone have a solution to this? This is only for a test server, so general access is limited. So I just want users upon first accessing the site to have to enter a username/password as a basic authentication to view the site... I need to get this done quickly, if it's possible. thanks, Kim :-) - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: HELP -- need to get Basic Authentication working (.htaccess) with Apache/Tomcat 5 to prevent access
M - I'm confused. we don't need SSL at all here... ??? clarification? thanks, Kim :-) On 9/19/00, Martin Gainty [EMAIL PROTECTED] wrote: http://www.apache-ssl.org/ M-- - Original Message - From: Kim Albee [EMAIL PROTECTED] To: Tomcat Users List users@tomcat.apache.org Sent: Wednesday, September 19, 2007 2:22 PM Subject: HELP -- need to get Basic Authentication working (.htaccess) with Apache/Tomcat 5 to prevent access I need to figure out a way to 'gate' access in a broad sense to the overall website on a test server. The site is all JSP, using Apache and Tomcat, but .htaccess doesn't work, as it appears that Apache hands off to Tomcat prior to doing the .htaccess check. Does anyone have a solution to this? This is only for a test server, so general access is limited. So I just want users upon first accessing the site to have to enter a username/password as a basic authentication to view the site... I need to get this done quickly, if it's possible. thanks, Kim :-) - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: HELP -- need to get Basic Authentication working (.htaccess) with Apache/Tomcat 5 to prevent access
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Kim, Kim Albee wrote: I'm confused. we don't need SSL at all here... ??? clarification? Confusion is par for the course with responses from Martin. Since mod_jk (I assume you're using mod_jk) maps URIs to Tomcat, your mapping will occur before Apache httpd consults the filesystem to see if there's anything like an .htaccess file in there. I think you'll have to do this at the top-level of your virtual host within httpd.conf (or wherever you define your virtual/non-virtual host). You might not be able to do it in an .htaccess file at all. Are you able to modify your own Apache configuration? If not, you may have to ask your system administrator to do it for you. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG8Xex9CaO5/Lv0PARArCXAJ48pOaeMSNtWT+vTrn9EM8/srdI9wCeIb67 2Sd2VUeO1I42F4Z2YTj9Uyo= =Ir3N -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: HELP -- need to get Basic Authentication working (.htaccess) with Apache/Tomcat 5 to prevent access
Confusing Chris- what happens when there is no .htaccess to place your RewriteRules? M-- - Original Message - From: Bill Barker [EMAIL PROTECTED] To: users@tomcat.apache.org Sent: Wednesday, September 19, 2007 9:28 PM Subject: Re: HELP -- need to get Basic Authentication working (.htaccess) with Apache/Tomcat 5 to prevent access Christopher Schultz [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Kim, Kim Albee wrote: I'm confused. we don't need SSL at all here... ??? clarification? Confusion is par for the course with responses from Martin. Since mod_jk (I assume you're using mod_jk) maps URIs to Tomcat, your mapping will occur before Apache httpd consults the filesystem to see if there's anything like an .htaccess file in there. Yes, mod_jk for Apache 2.x with tell Apache to skip checking the directory for .htaccess once it has found a match. And, since .htaccess is just another file to Tomcat, if you have mappings like: JkMount /myapp/* worker1 then Tomcat will happily serve the file to anybody that requests it :). I think that you can get it to work with mod_proxy_ajp if you put your ProxyPass statements in a Directory block, but I haven't tried it. You can place RewriteRules in .htaccess, so I imagine that that will always work. I think you'll have to do this at the top-level of your virtual host within httpd.conf (or wherever you define your virtual/non-virtual host). You might not be able to do it in an .htaccess file at all. Are you able to modify your own Apache configuration? If not, you may have to ask your system administrator to do it for you. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG8Xex9CaO5/Lv0PARArCXAJ48pOaeMSNtWT+vTrn9EM8/srdI9wCeIb67 2Sd2VUeO1I42F4Z2YTj9Uyo= =Ir3N -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
