Just found my answer in the JServ 1.0 FAQ
The key to triggering Apache basic authentication so that Tomcat servlets
can do a getRemoteUser is to make sure that your Apache httpd.conf
directives are inside <Location> tags, after the ApJServMount directive --
not inside <Directory> tags. Then it works like a charm.
Of course, you also need to make sure your httpd.conf is using a hand-edited
copy of tomcat-apache.conf rather than the auto-generated one.
- Pat
> -----Original Message-----
> From: Moore, Patrick [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, April 10, 2001 11:11 AM
> To: '[EMAIL PROTECTED]'
> Subject: Apache Basic authentication and tomcat connector
>
>
> We are in a conundrum, having planned to use our custom DCE/Kerberos
> Apache BasicAA plug-in, and use Tomcat for servlets.
>
> The idea is to rope off Tomcat+Apache into a trusted and
> isolated system,
> available to users only via the Apache https service. Then Tomcat can
> acquire credentials via a java utility that simply assumes
> getRemoteUser()
> returns an authenticated user.
>
> We can do that now in Netscape+JRun, figured it should work in
> Apache+Tomcat.
>
> But evidently it will not work, even if we hand edit our httpd.conf to
> require basic authentication on servlet directories, Apache
> is handing off
> to the tomcat web connector without calling the Apache
> BasicAA handler.
> (Apache 1.3.17, Tomcat 3.2.1, ajp1.2)
>
> Is there a fix or workaround?
> Would AJP1.3 help?
> Would Tomcat 4 webconnector call an Apache mod_auth module based on a
> trigger in web.xml?
>
>
> Thanks
> Pat
>
>
