geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jia Mao <maojia....@gmail.com>
Subject Re: Generic Header based authentication
Date Fri, 22 Oct 2010 06:22:12 GMT 
Hi


The problem is solved. It is caused by the incorrect configuration in
httpd.conf, which is now changed to the following snippets:



LoadModule headers_module modules/mod_headers.so
<IfModule mod_headers.c>

<Location /demo_properties>

RequestHeader add SM_USER izumi

</Location>

</IfModule>


The “LoadModule headers_module modules/mod_headers.so” is moved ahead and
everything works fine now.



Best wishes,



MAO Jia






2010/10/19 Jia Mao <maojia.508@gmail.com>

> Hi
>
> I used the 2.1.7 server,geronimo-tomcat6-javaee5-2.1.7-SNAPSHOT-bin, built
> on 2010.10.19 trying to verify the Generic Header based authentication as
> described in Geronimo-5197 on the windows platform.
>
>
> I installed the Apache Http Server and configured its httpd.conf file by
> adding the following snippets:
>
> LoadModule proxy_module modules/mod_proxy.so
>
> LoadModule proxy_http_module modules/mod_proxy_http.so
>
>
> <IfModule mod_proxy.c>
>
> ProxyPass /console http://localhost:8080/console
>
> ProxyPass /demo_properties http://localhost:8080/demo_properties
>
> </IfModule>
>
>
> <IfModule mod_proxy.c>
>
> ProxyPassReverse / http://localhost:8080/
>
> </IfModule>
>
>
> <IfModule mod_headers.c>
>
> <Location /demo_properties>
>
> RequestHeader add SM_USER izumi
>
> </Location>
>
> </IfModule>
>
> LoadModule headers_module modules/mod_headers.so
>
>
> The deployment plan, TestPropsRealm.xml, for the properties file security
> realm is attached in the mail. In the realm, there are two additional tags:
>
> <log:option name="headerNames">SM_USER</log:option>
>
> <log:option name="authenticationAuthority">Siteminder</log:option>
>
> which shall configure the security realm for properties login module to
> use Generic Header based authentication.
>
>
> The two properties files used are: demo_groups.properties &
> demo_users.properties, attached in the mail.
>
>
> The application for verification is file-realm-demo-2.1.1.2_properties,
> also attached in the mail. If working correctly, to access the protect files
> from the index page, users should be linked to the logon page. However, by
> clicking on the “Protect” link, a 403 - Forbidden HTTP error was received.
>
>
> The information from Geronimo log is as follows:
>
>
> 2010-10-19 11:04:11,888 WARN  [GenericHttpHeaderLoginmodule] An
> Unauthorized attempt has been made to access the protected resource from
> host 127.0.0.1
>
>
> Could anyone provide some advice on the issue. Thank you very much!
>
>
> MAO Jia
>
>
Mime
View raw message