Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 46695 invoked from network); 14 Jul 2008 10:54:03 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 14 Jul 2008 10:54:03 -0000 Received: (qmail 38517 invoked by uid 500); 14 Jul 2008 10:53:40 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 38483 invoked by uid 500); 14 Jul 2008 10:53:40 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 38462 invoked by uid 99); 14 Jul 2008 10:53:40 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 14 Jul 2008 03:53:40 -0700 X-ASF-Spam-Status: No, hits=2.0 required=10.0 tests=HTML_MESSAGE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of mnikhil@gmail.com designates 209.85.146.182 as permitted sender) Received: from [209.85.146.182] (HELO wa-out-1112.google.com) (209.85.146.182) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 14 Jul 2008 10:52:48 +0000 Received: by wa-out-1112.google.com with SMTP id k17so3027265waf.0 for ; Mon, 14 Jul 2008 03:53:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:in-reply-to:mime-version:content-type:references; bh=GWE2bSH+lNySfB/FjoC5BKfH0kf0i94DeqgBoheRw0E=; b=dU9e6el+pkzmSw1YIrEHBIfO2JUnr2Gq7Z04mx/c0VfPN1+8jrq4WRonIKstXoPZ7o k5Jr/EZBgtJUiB7JCMH8u5Mhu0+Ww2XZ9RrWVCaxqmjJSpyfilg5X0y7B0SGkMDPXxNR WqWU9X3DSZT2lkr1oci5sr6sMMYvdAWyGoGb0= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version :content-type:references; b=OD6kqSu/FWUuchueUjlrjT3I6k9O1mBkq31y1/G+yGP4QSywLxzBpDvthB3Pt/ajmH cRueDkurUW0JlfkhUMArNug89vJnoC9ajnWfgzNuiV2VnMLMFuf2yCfz+0hFUBeKOquF HFPyAM4MvqxGYXexo//K8FmyrZ6FylJN6qwEE= Received: by 10.115.76.5 with SMTP id d5mr17260512wal.191.1216032791675; Mon, 14 Jul 2008 03:53:11 -0700 (PDT) Received: by 10.114.254.7 with HTTP; Mon, 14 Jul 2008 03:53:11 -0700 (PDT) Message-ID: <1e7c46190807140353w286590bfo6a66b3db1154bbe4@mail.gmail.com> Date: Mon, 14 Jul 2008 16:23:11 +0530 From: Nikhil To: "Tomcat Users List" , users@httpd.apache.org In-Reply-To: <1e7c46190807140352k7e03214cl222379e39de265c6@mail.gmail.com> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_48251_18810393.1216032791652" References: <1e7c46190807131104q4370bcdiaa42e94d97fe33d2@mail.gmail.com> <487A91D9.6040000@kippdata.de> <1e7c46190807132247t469182f0lce9d6e75a24898f5@mail.gmail.com> <487B17C3.6010509@kippdata.de> <1e7c46190807140352k7e03214cl222379e39de265c6@mail.gmail.com> X-Virus-Checked: Checked by ClamAV on apache.org Subject: [users@httpd] Re: tomcat, apache with mod_jk and mod_auth_kerb ------=_Part_48251_18810393.1216032791652 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline On Mon, Jul 14, 2008 at 4:22 PM, Nikhil wrote: > > > On Mon, Jul 14, 2008 at 2:39 PM, Rainer Jung > wrote: > >> >>> First of all 5.5.12 is very outdated and also very early in the 5.5 >> release cycle. >> >> You need to add 'tomcatAuthentication="false"' in the Connector element >> for your AJP connector. The connector you showed us above is >> >> - an https connector >> - a comment and not active >> >> At least two good reasons, why this is not the right one. The AJP >> Connector is the one, which uses port 8009 in the default configuration and >> which you can identify by 'protocol="AJP/1.3"'. >> >> >> Regards, >> >> Rainer >> > > Oops.. here is the http connector line in my configuration: > > > maxThreads="150" minSpareThreads="25" maxSpareThreads="75" > enableLookups="false" redirectPort="8443" acceptCount="100" > connectionTimeout="20000" disableUploadTimeout="true" /> > > > Thanks Rainer. I will try out the later releases.. may be tomcat6 itself. > > Nikhil > > > > but still.. I do not get what is wrong with 5.5.12 and what could I do atleast in the httpd configuration that would get the kerberized apache authentication working in the tomcat apps. -- Nikhil Google is Great ! ------=_Part_48251_18810393.1216032791652 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline

On Mon, Jul 14, 2008 at 4:22 PM, Nikhil <mnikhil@gmail.com> wrote:


On Mon, Jul 14, 2008 at 2:39 PM, Rainer Jung <rainer.jung@kippdata.de> wrote:

First of all 5.5.12 is very outdated and also very early in the 5.5 release cycle.

You need to add 'tomcatAuthentication="false"' in the Connector element for your AJP connector. The connector you showed us above is

- an https connector
- a comment and not active

At least two good reasons, why this is not the right one. The AJP Connector is the one, which uses port 8009 in the default configuration and which you can identify by 'protocol="AJP/1.3"'.


Regards,

Rainer

Oops.. here is the http connector line in my configuration:

    <!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->
    <Connector port="64080" maxHttpHeaderSize="8192"
               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
               enableLookups="false" redirectPort="8443" acceptCount="100"
               connectionTimeout="20000" disableUploadTimeout="true" />


Thanks Rainer. I will try out the later releases.. may be tomcat6 itself. 

Nikhil




but still.. I do not get what is wrong with 5.5.12 and what could I do atleast in the httpd configuration that would get the kerberized apache  authentication working in the tomcat apps. 



--
Nikhil

Google is Great ! ------=_Part_48251_18810393.1216032791652--