Re: Why does mod_jk bypass Apache authorization?

Am 11.09.2014 um 22:15 schrieb Daniel Pfeiffer: On 2014-09-10 22:12, Mark Eggers wrote: I don't think that the trailing /* is valid for a simple Location directive. If you want regular expressions you'll have to use either LocationMatch or Location ~ (Location followed by the ~) This was the

Re: Why does mod_jk bypass Apache authorization?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 André, On 9/12/14 6:07 PM, André Warnier wrote: Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 9/12/14 11:14 AM, Mark Eggers wrote: Chris, On 9/12/2014 7:13 AM, Christopher Schultz wrote: Daniel, On

Re: Why does mod_jk bypass Apache authorization?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 9/12/14 8:36 PM, Mark Eggers wrote: Here was my naive thought. haven't tested this yet (may be a project for this weekend). Outside of a Location or LocatioMatch directive, the JkMount directive parses the configured URL prefix. If

Re: Why does mod_jk bypass Apache authorization?

Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 9/12/14 8:36 PM, Mark Eggers wrote: Here was my naive thought. haven't tested this yet (may be a project for this weekend). Outside of a Location or LocatioMatch directive, the JkMount directive parses the

Re: Why does mod_jk bypass Apache authorization?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 André, On 9/15/14 11:45 AM, André Warnier wrote: Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 9/12/14 8:36 PM, Mark Eggers wrote: Here was my naive thought. haven't tested this yet (may be a project

Re: Why does mod_jk bypass Apache authorization?

Daniel Pfeiffer wrote: On 2014-09-10 22:12, Mark Eggers wrote: I don't think that the trailing /* is valid for a simple Location directive. If you want regular expressions you'll have to use either LocationMatch or Location ~ (Location followed by the ~) This was the decisive hint! JkMount

Re: Why does mod_jk bypass Apache authorization?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Daniel, On 9/11/14 4:15 PM, Daniel Pfeiffer wrote: On 2014-09-10 22:12, Mark Eggers wrote: I don't think that the trailing /* is valid for a simple Location directive. If you want regular expressions you'll have to use either LocationMatch or

Re: Why does mod_jk bypass Apache authorization?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chris, On 9/12/2014 7:13 AM, Christopher Schultz wrote: Daniel, On 9/11/14 4:15 PM, Daniel Pfeiffer wrote: On 2014-09-10 22:12, Mark Eggers wrote: I don't think that the trailing /* is valid for a simple Location directive. If you want regular

Re: Why does mod_jk bypass Apache authorization?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 André, On 9/12/2014 2:00 AM, André Warnier wrote: Daniel Pfeiffer wrote: On 2014-09-10 22:12, Mark Eggers wrote: I don't think that the trailing /* is valid for a simple Location directive. If you want regular expressions you'll have to use

Re: Why does mod_jk bypass Apache authorization?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 9/12/14 11:14 AM, Mark Eggers wrote: Chris, On 9/12/2014 7:13 AM, Christopher Schultz wrote: Daniel, On 9/11/14 4:15 PM, Daniel Pfeiffer wrote: On 2014-09-10 22:12, Mark Eggers wrote: I don't think that the trailing /* is valid

Re: Why does mod_jk bypass Apache authorization?

Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 9/12/14 11:14 AM, Mark Eggers wrote: Chris, On 9/12/2014 7:13 AM, Christopher Schultz wrote: Daniel, On 9/11/14 4:15 PM, Daniel Pfeiffer wrote: On 2014-09-10 22:12, Mark Eggers wrote: I don't think that the

Re: Why does mod_jk bypass Apache authorization?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 9/12/2014 3:07 PM, André Warnier wrote: Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 9/12/14 11:14 AM, Mark Eggers wrote: Chris, On 9/12/2014 7:13 AM, Christopher Schultz wrote: Daniel, On 9/11/14

Re: Why does mod_jk bypass Apache authorization?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 9/12/2014 5:36 PM, Mark Eggers wrote: On 9/12/2014 3:07 PM, André Warnier wrote: Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 9/12/14 11:14 AM, Mark Eggers wrote: Chris, On 9/12/2014 7:13 AM,

Re: Why does mod_jk bypass Apache authorization?

On 2014-09-10 22:12, Mark Eggers wrote: I don't think that the trailing /* is valid for a simple Location directive. If you want regular expressions you'll have to use either LocationMatch or Location ~ (Location followed by the ~) This was the decisive hint! JkMount needs /*, but Location

Why does mod_jk bypass Apache authorization?

Since switching from Apache 2.2 authorization gets bypassed for many JkMounts (except jk-status). If I cancel the browser password popup, I get a 401-page. It is not, as I expect, the one from Apache, but instead from JBoss, which it shouldn't have been allowed to talk to. (I found this because

Re: Why does mod_jk bypass Apache authorization?

Daniel Pfeiffer wrote: Since switching from Apache 2.2 authorization gets bypassed for many JkMounts (except jk-status). If I cancel the browser password popup, I get a 401-page. It is not, as I expect, the one from Apache, but instead from JBoss, which it shouldn't have been allowed to talk

Re: Why does mod_jk bypass Apache authorization?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 9/10/2014 12:52 PM, André Warnier wrote: Daniel Pfeiffer wrote: Since switching from Apache 2.2 authorization gets bypassed for many JkMounts (except jk-status). If I cancel the browser password popup, I get a 401-page. It is not, as I expect,

Re: Why does mod_jk bypass Apache authorization?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Daniel, On 9/10/14 3:40 PM, Daniel Pfeiffer wrote: Since switching from Apache 2.2 authorization gets bypassed for many JkMounts (except jk-status). If I cancel the browser password popup, I get a 401-page. It is not, as I expect, the one from