tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Larry Isaacs <Larry.Isa...@sas.com>
Subject RE: Does anyone see anything wrong with this fix?
Date Thu, 01 Nov 2001 18:42:18 GMT
I believe mod_jk's JkMount currently only accepts mappings in the
form:

    JkMount /path/*
    JkMount /path/*.ext

Something like:

    JkMount /path/*something

is another way of saying:

    JkMount /path/*

which makes the other settings written irrelevant since all
requests will be mapped to Tomcat.  See the:

    /* context based */
    asterisk[1] = '\0';

in jk_uri_worker_map.c file.

Tomcat 3.3 deals with this by having the generated mod_jk.conf
use the "JkMount /path/*" approach by default.  If you add
forwardAll="false" to the ApacheConfig line in server.xml,
it will write a mod_jk.conf similar to that of Tomcat 3.2.x,
but with additional mappings.  These additional mappings for
the context will include one like the following:

    JkMount /examples/jsp/security/login/j_security_check  ajp13

If you want "j_security_check" to work in Tomcat 3.2.x without
mapping all requests to Tomcat, you will need to add mappings
like this.  It is beyond the scope of Tomcat 3.2.x development
to back port Tomcat 3.3's behavior to Tomcat 3.2.x.

Cheers,
Larry


> -----Original Message-----
> From: Michael Jennings [mailto:mike@southgatesoftware.com]
> Sent: Thursday, November 01, 2001 12:35 PM
> To: tomcat-dev@jakarta.apache.org
> Subject: Does anyone see anything wrong with this fix?
> 
> 
> As far as I can tell, the following modification to the 
> ApacheConfig.java class will
> enable form-based authentication to work for people using 
> mod_jk.conf-auto
> with Apache.
> 
> 
> mod_jk needs to be told to handle requests of the form
> "/webapproot/somedir/j_security_check"
> 
> since a login.jsp page (for form-based authentication) may exist at
> "/webapproot/somedir/login.jsp" and may specify "j_security_check"
> as the target of a form submission. In order for the 
> form-based authentication
> machinery to work, it needs to get the POST request that is going to
> "/webapproot/somedir/j_security_check"
> which means that pattern has to be present in the mod_jk.conf-auto
> 
> ie: the following line must be in the mod_jk configuration file:
> JkMount /webapproot/*j_security_check ajp12
> 
> Does anyone see any potential problems with this?
> 
> -Mike Jennings
> 
> Index: 
> jakarta-tomcat/src/share/org/apache/tomcat/task/ApacheConfig.java
> ===================================================================
> RCS file: 
> /home/cvspublic/jakarta-tomcat/src/share/org/apache/tomcat/tas
> k/Attic/ApacheConfig.java,v
> retrieving revision 1.12.2.2
> diff -r1.12.2.2 ApacheConfig.java
> 202a203
> >         mod_jk.println("JkMount /*j_security_check ajp12");
> 289a291
> >       mod_jk.println("JkMount " + path +"/*j_security_check ajp12");
> 
> 

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message