tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bojan Smojver <bo...@binarix.com>
Subject Re: TC 3.3 + mod_jk + j_security_check
Date Wed, 26 Sep 2001 21:34:17 GMT
I was referring to the manual configuration, rather then ApacheConfig
one. Some people (me :-) prefer to do things manually.

I actually tried with /*.jsp (or /*.vm in my case) only and it (still)
doesn't work (which makes sense and I don't consider it a problem)
unless you specify:

JkMount /login/j_security_check ajp13

or whichever other place j_security_check is under. That's what I wanted
to mention in the mod_jk HOWTO. It might save someone considerable
amount of time.

Bojan

Bill Barker wrote:
> 
> If the web.xml contains no servlet-mappings, then forwardAll="false" will
> generate:
> JkMount /myapp/servlet/* ajp13
> JkMount /myapp/*.jsp ajp13
> 
> and if in addition, the context uses form authorization:
> JkMount /myapp/path/to/j_security_check ajp13
> 
> You need to set noRoot="false" if you want the ROOT context mappings
> generated as well.
> 
> Larry has added other options to allow you to specify the directories where
> various files go (e.g. mod_jk.so), but I don't remember them off the top of
> my head.
> ----- Original Message -----
> From: "Bojan Smojver" <bojan@binarix.com>
> To: <tomcat-dev@jakarta.apache.org>
> Sent: Tuesday, September 25, 2001 7:51 PM
> Subject: Re: TC 3.3 + mod_jk + j_security_check
> 
> > What if the only mapping is for instance:
> >
> > JkMount /*.jsp ajp13
> >
> > Will it still work?
> >
> > Bojan
> >
> > Bill Barker wrote:
> > >
> > > This is now implemented automatically in the ApacheConfig module.  By
> > > default it does:
> > > JkMount /myapp/* ajp13
> > >
> > > Turning this off (via forwardAll="false"), then it outputs all of the
> > > defined mappings (including j_security_check for form auth contexts).
> > > ----- Original Message -----
> > > From: "Bojan Smojver" <bojan@binarix.com>
> > > To: "Tomcat Dev List" <tomcat-dev@jakarta.apache.org>
> > > Sent: Tuesday, September 25, 2001 5:34 PM
> > > Subject: TC 3.3 + mod_jk + j_security_check
> > >
> > > > Unless this is now implemented automatically in mod_jk, I think it
> would
> > > > be worth mentioning in mod_jk HOWTO about the need to JKMount
> > > > j_security_check when form authentication is used in applications.
> > > >
> > > > I think I should be able to fake a paragraph about it (with examples).
> > > >
> > > > Bojan
> > > >
> > > >
> > >
> > > *----*
> > >
> > > This message is intended only for the use of the person(s) listed above
> > > as the intended recipient(s), and may contain information that is
> > > PRIVILEGED and CONFIDENTIAL.  If you are not an intended recipient,
> > > you may not read, copy, or distribute this message or any attachment.
> > > If you received this communication in error, please notify us
> immediately
> > > by e-mail and then delete all copies of this message and any
> attachments.
> > >
> > > In addition you should be aware that ordinary (unencrypted) e-mail sent
> > > through the Internet is not secure. Do not send confidential or
> sensitive
> > > information, such as social security numbers, account numbers, personal
> > > identification numbers and passwords, to us via ordinary (unencrypted)
> > > e-mail.
> >
> >
> 
> *----*
> 
> This message is intended only for the use of the person(s) listed above
> as the intended recipient(s), and may contain information that is
> PRIVILEGED and CONFIDENTIAL.  If you are not an intended recipient,
> you may not read, copy, or distribute this message or any attachment.
> If you received this communication in error, please notify us immediately
> by e-mail and then delete all copies of this message and any attachments.
> 
> In addition you should be aware that ordinary (unencrypted) e-mail sent
> through the Internet is not secure. Do not send confidential or sensitive
> information, such as social security numbers, account numbers, personal
> identification numbers and passwords, to us via ordinary (unencrypted)
> e-mail.

Mime
View raw message