Hi
The problem is solved. It is caused by the incorrect configuration in
httpd.conf, which is now changed to the following snippets:
LoadModule headers_module modules/mod_headers.so
<IfModule mod_headers.c>
<Location /demo_properties>
RequestHeader add SM_USER izumi
</Location>
</IfModule>
The “LoadModule headers_module modules/mod_headers.so” is moved ahead and
everything works fine now.
Best wishes,
MAO Jia
2010/10/19 Jia Mao <maojia.508@gmail.com>
> Hi
>
> I used the 2.1.7 server,geronimo-tomcat6-javaee5-2.1.7-SNAPSHOT-bin, built
> on 2010.10.19 trying to verify the Generic Header based authentication as
> described in Geronimo-5197 on the windows platform.
>
>
> I installed the Apache Http Server and configured its httpd.conf file by
> adding the following snippets:
>
> LoadModule proxy_module modules/mod_proxy.so
>
> LoadModule proxy_http_module modules/mod_proxy_http.so
>
>
> <IfModule mod_proxy.c>
>
> ProxyPass /console http://localhost:8080/console
>
> ProxyPass /demo_properties http://localhost:8080/demo_properties
>
> </IfModule>
>
>
> <IfModule mod_proxy.c>
>
> ProxyPassReverse / http://localhost:8080/
>
> </IfModule>
>
>
> <IfModule mod_headers.c>
>
> <Location /demo_properties>
>
> RequestHeader add SM_USER izumi
>
> </Location>
>
> </IfModule>
>
> LoadModule headers_module modules/mod_headers.so
>
>
> The deployment plan, TestPropsRealm.xml, for the properties file security
> realm is attached in the mail. In the realm, there are two additional tags:
>
> <log:option name="headerNames">SM_USER</log:option>
>
> <log:option name="authenticationAuthority">Siteminder</log:option>
>
> which shall configure the security realm for properties login module to
> use Generic Header based authentication.
>
>
> The two properties files used are: demo_groups.properties &
> demo_users.properties, attached in the mail.
>
>
> The application for verification is file-realm-demo-2.1.1.2_properties,
> also attached in the mail. If working correctly, to access the protect files
> from the index page, users should be linked to the logon page. However, by
> clicking on the “Protect” link, a 403 - Forbidden HTTP error was received.
>
>
> The information from Geronimo log is as follows:
>
>
> 2010-10-19 11:04:11,888 WARN [GenericHttpHeaderLoginmodule] An
> Unauthorized attempt has been made to access the protected resource from
> host 127.0.0.1
>
>
> Could anyone provide some advice on the issue. Thank you very much!
>
>
> MAO Jia
>
>
|