It should work for virtual hosts.
Don't virtual hosts have content in separate locations? Like /www/virtual/host1/htdocs and /www/virtual/host2/htdocs? If that's the case, the Location directive will work, just put the path name in there. The hostname on the URL is irrelevant (and an error according to the apache docs). By doing it that way, and setting it up as Jake suggested, Apache should authenticate requests for that resource (according to path) before forwarding the request to tomcat. John Turner [EMAIL PROTECTED] -----Original Message----- From: Josh Landin [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 30, 2002 2:13 PM To: Tomcat Users List Subject: RE: Apache Authentication for Tomcat That may very well work for the <Location> security implementation but it doesn't seem to work for the <Virtualhost> style. I added my JkMounts after (outside of) the VirtualHost tag and requests made to the JkMounts are forwarded to Tomcat without authentication. Anyone else, know how to do this? -- Josh > -----Original Message----- > From: Jacob Kjome [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, July 30, 2002 1:12 PM > To: Tomcat Users List; [EMAIL PROTECTED] > Subject: Re: Apache Authentication for Tomcat > > > Hello Josh, > > I have my Apache authentication set up like this: > > <Location "/myapp"> > AuthType Basic > AuthName "protected area" > AuthUserFile security/.htpasswd > AuthGroupFile security/.htgroup > require group myapp_admin myapp_user > </Location> > > One thing to note is the Apache authentication configuration comes > before the JKMounts. I include mod_jk.conf as the last thing in my > httpd.conf file. I have had no problems with this setup even when > passing every request to "/myapp" to Tomcat like: > > JkMount /myapp ajp13 > JkMount /myapp/* ajp13 > > > Apache *always* catches it first and forces BASIC authentication. > > Jake > > Tuesday, July 30, 2002, 11:58:21 AM, you wrote: > > JL> I'm running apache-2.0.39 and tomcat-4.0.2 using mod_jk > compiled on RH7.2. I > JL> setup Apache to require authentication for a given virtual > host using an > JL> htpasswd file. Because the same virtual host has some JkMount > directives, > JL> some requests are forwarded on to Tomcat without > authentication. How can I > JL> configure this so Apache always handles and requires > authentication for > JL> requests prior to handing them off to Tomcat? > > JL> In my httpd.conf I have the following: > > JL> <VirtualHost *> > JL> DocumentRoot /drives/a/webapps/intranet1 > JL> ServerName intranet1 > JL> JkMount /*.jsp zeuscat > JL> JkMount /wup/* zeuscat > JL> ServerAlias *intranet1 > JL> <Directory "/drives/a/webapps/intranet1"> > JL> AuthUserFile /drives/a/webapps/.intranet1_passwd > JL> AuthName "restricted.zeus.intranet1" > JL> AuthType Basic > JL> Require valid-user > JL> </Directory> > JL> </VirtualHost> > > JL> In my server.xml I have the following: > > JL> <Host name="intranet1" > > JL> <Context path="" docBase="/drives/a/webapps/intranet1"/> > JL> <Logger className="org.apache.catalina.logger.FileLogger" > JL> directory="logs" prefix="intranet1_log." suffix=".txt" > JL> timestamp="true"/> > JL> </Host> > > > JL> -- > JL> Josh > > > JL> -- > JL> To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > JL> For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > > > > -- > Best regards, > Jacob mailto:[EMAIL PROTECTED] > > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
