httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: [users@httpd] proxy_ajp webdav http 1.1 authentication
Date Mon, 27 Oct 2008 12:47:11 GMT
Hi.

Ah ! your Dav is at the Tomcat level, not the Apache level.
And that's also where the Dav authentication is being done.

In other words, no authentication and no Dav is being handled at the 
Apache level, so it has nothing to do with the Apache proxying, which 
probably works fine.

I believe this question should be reposted to the Tomcat mailing list, 
at "users@tomcat.apache.org".

In the meantime, my guess is that you have not created the appropriate 
user and role for the authentication under Tomcat.
Just as a tip :
In your Tomcat/conf directory, there should be a file 
"tomcat-users.xml".  That's where users and roles are defined.
According to your <security-constraint> in the Dav webapp setup below,
you should have something like this in tomcat-users.xml :

<role rolename="admin"/>
<user username="davuser" password="xxxxx" roles="admin"/>
(add it if it's not there)

and then use the user "davuser" and the password you chose for logging 
in when you DAV pops up its authentication dialog.

If that does not work, then ask further on the Tomcat list.




Michele Mase' wrote:
> here is the conf:
> 
> Frontend server:
> <VirtualHost *:80>
>         ServerName www.example.com
>         ProxyPass /favicon.ico !
>         ProxyPass /robots.txt !
>         ProxyPass /images/ !
>         ProxyPass /balancer !
>         ProxyPass /status !
>         ProxyPass /manager !
>         ProxyPass /host-manager !
>         ProxyPass /docs !
>         ProxyPass /examples !
>         ProxyPass /app1/ ajp://www.example.com:8009/app1/
>         ProxyPass / http://www.example.com:8080/
>         ProxyPassReverse / http://www.example.com:8080/
> </VirtualHost>
> 
> Tomcat:
> server.xml (default config):
> ...
>  <Connector port="8080" protocol="HTTP/1.1"
>                connectionTimeout="20000"
>                redirectPort="8443"/>
> ...
> <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
> 
> $CATALINA_HOME/conf/Catalina/localhost/app1.xml
> <?xml version="1.0" encoding="UTF-8"?>
> <Context path="/app1" docBase="/app1">
>         <Resources className="org.apache.naming.resources.FileDirContext"
> allowLinking="true" caseSensitive="false" />
> </Context>
> 
> WEB-INF/web.xml of app1 (where the webdav authentication is)
> 
> <?xml version="1.0" encoding="ISO-8859-1"?>
> <web-app xmlns="http://java.sun.com/xml/ns/j2ee"
>     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>     xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
> http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
>     version="2.4">
>   <display-name>Webdav Content Management</display-name>
>   <description>
>      Webdav Content Management
>   </description>
>   <servlet>
>     <servlet-name>webdav</servlet-name>
> 
> <servlet-class>org.apache.catalina.servlets.WebdavServlet</servlet-class>
>     <init-param>
>       <param-name>debug</param-name>
>       <param-value>0</param-value>
>     </init-param>
>     <init-param>
>       <param-name>listings</param-name>
>       <param-value>true</param-value>
>     </init-param>
>     <init-param>
>       <param-name>readonly</param-name>
>       <param-value>false</param-value>
>     </init-param>
>   </servlet>
>   <servlet-mapping>
>     <servlet-name>webdav</servlet-name>
>     <url-pattern>/*</url-pattern>
>   </servlet-mapping>
>   <security-constraint>
>     <web-resource-collection>
>       <web-resource-name>The Entire Web Application</web-resource-name>
>       <url-pattern>/*</url-pattern>
>     </web-resource-collection>
>     <auth-constraint>
>       <role-name>admin</role-name>
>     </auth-constraint>
>   </security-constraint>
>   <login-config>
>     <auth-method>BASIC</auth-method>
>     <realm-name>Tomcat Supported Realm</realm-name>
>   </login-config>
>   <security-role>
>     <description>
>       An example role defined in "conf/tomcat-users.xml"
>     </description>
>     <role-name>admin</role-name>
>   </security-role>
>   <welcome-file-list>
>     <welcome-file/>
>   </welcome-file-list>
> </web-app>
> 
> 
> On Mon, Oct 27, 2008 at 12:16 PM, André Warnier <aw@ice-sa.com> wrote:
> 
>> Michele Mase' wrote:
>>
>>> I've the following problem:
>>>
>>> A ftontend server with apache2.2.x (http1.1)
>>> mod_proxy
>>> mod_proxy_ajp
>>>
>>> A backend server:
>>> tomcat 6.x with 2 webapps:
>>> /app1
>>> /app2 (webdav, basic authentication via http)
>>>
>>> Problem:
>>>
>>> /app1 works well under proxy_ajp:
>>> ProxyPass /some_path ajp://server:8009/app1
>>>
>>> webdav authentication cannot work under proxy_ajp
>>> It works only under proxy_http:
>>> ProxyPass /path http://server/app2
>>> ProxyPassReverse /path http://server/app2
>>>
>>> Are there some limitations in proxy_ajp module?
>>> Could webdav authentication work with proxy_ajp?
>>> Michele
>>>
>>>  What do you call "webdav authentiation" ?
>> DAV itself does not handle authentication.
>> It is whatever you put "around it" in your configuration that will do the
>> authentication.
>> Can you post the configuration of the section which you configure with "Dav
>> on" ?
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>  "   from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
> 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message