On Mon, Oct 27, 2008 at 1:47 PM, Andr=E9 Warnier <aw@ice-sa.com> wrote:=

Hi.

Ah ! your Dav is at the Tomcat level, not the Apache level.
And that's also where the Dav authentication is being done.

In other words, no authentication and no Dav is being handled at the Apache= level, so it has nothing to do with the Apache proxying, which probably wo= rks fine.

I believe this question should be reposted to the Tomcat mailing list, at &= quot;users@tom= cat.apache.org".

In the meantime, my guess is that you have not created the appropriate user= and role for the authentication under Tomcat.
Just as a tip :
In your Tomcat/conf directory, there should be a file "tomcat-users.xm= l". That's where users and roles are defined.
According to your <security-constraint> in the Dav webapp setup below= ,
you should have something like this in tomcat-users.xml :

<role rolename=3D"admin"/>
<user username=3D"davuser" password=3D"xxxxx" roles= =3D"admin"/>
(add it if it's not there)

and then use the user "davuser" and the password you chose for lo= gging in when you DAV pops up its authentication dialog.

If that does not work, then ask further on the Tomcat list.
=

Michele Mase' wrote:

here is the conf:

Frontend server:
<VirtualHost *:80>
ServerName www.example.com
ProxyPass /favicon.ico !
ProxyPass /robots.txt !
ProxyPass /images/ !
ProxyPass /balancer !
ProxyPass /status !
ProxyPass /manager !
ProxyPass /host-manager !
ProxyPass /docs !
ProxyPass /examples !
ProxyPass /app1/ ajp://www.example.com:8009/app1/
ProxyPass / http://www.example.com:8080/
ProxyPassReverse / http://www.example.com:8080/
</VirtualHost>

Tomcat:
server.xml (default config):
...
<Connector port=3D"8080" protocol=3D"HTTP/1.1"=
connectionTimeout=3D"= ;20000"
redirectPort=3D"8443= "/>
...
<Connector port=3D"8009" protocol=3D"AJP/1.3" redire= ctPort=3D"8443" />

$CATALINA_HOME/conf/Catalina/localhost/app1.xml
<?xml version=3D"1.0" encoding=3D"UTF-8"?>
<Context path=3D"/app1" docBase=3D"/app1">
<Resources className=3D"org.apache.nami= ng.resources.FileDirContext"
allowLinking=3D"true" caseSensitive=3D"false" />
</Context>

WEB-INF/web.xml of app1 (where the webdav authentication is)

<?xml version=3D"1.0" encoding=3D"ISO-8859-1"?> <web-app xmlns=3D"http://java.sun.com/xml/ns/j2ee"
xmlns:xsi=3D"http://www.w3.org/2001/XMLSchema-instance&= quot;
xsi:schemaLocation=3D"http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version=3D"2.4">
<display-name>Webdav Content Management</display-name> <description>
Webdav Content Management
</description>
<servlet>
<servlet-name>webdav</servlet-name>

<servlet-class>org.apache.catalina.servlets.WebdavServlet</servlet= -class>
<init-param>
<param-name>debug</param-name>
<param-value>0</param-value>
</init-param>
<init-param>
<param-name>listings</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>readonly</param-name>
<param-value>false</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>webdav</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>The Entire Web Application<= ;/web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Tomcat Supported Realm</realm-name> </login-config>
<security-role>
<description>
An example role defined in "conf/tomcat-users.xml= "
</description>
<role-name>admin</role-name>
</security-role>
<welcome-file-list>
<welcome-file/>
</welcome-file-list>
</web-app>

On Mon, Oct 27, 2008 at 12:16 PM, Andr=E9 Warnier <aw@ice-sa.com> wrote:

Michele Mase' wrote:

I've the following problem:

A ftontend server with apache2.2.x (http1.1)
mod_proxy
mod_proxy_ajp

A backend server:
tomcat 6.x with 2 webapps:
/app1
/app2 (webdav, basic authentication via http)

Problem:

/app1 works well under proxy_ajp:
ProxyPass /some_path ajp://server:8009/app1

webdav authentication cannot work under proxy_ajp
It works only under proxy_http:
ProxyPass /path http://ser= ver/app2
ProxyPassReverse /path htt= p://server/app2

Are there some limitations in proxy_ajp module?
Could webdav authentication work with proxy_ajp?
Michele

What do you call "webdav authentiation" ?

DAV itself does not handle authentication.
It is whatever you put "around it" in your configuration that wil= l do the
authentication.
Can you post the configuration of the section which you configure with &quo= t;Dav
on" ?

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.<= br> See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apa= che.org
For additional commands, e-mail: users-help@httpd.apache.org

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.<= br> See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.ap= ache.org
For additional commands, e-mail: users-help@httpd.apache.org