tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 25055] - getRemoteUser() returns null - bypass of apache authentication
Date Tue, 02 Dec 2003 07:43:13 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=25055>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=25055

getRemoteUser() returns null - bypass of apache authentication

stefos@msc.gr changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|getRemoteUser() returns null|getRemoteUser() returns null
                   |(again)                     |- bypass of apache
                   |                            |authentication



------- Additional Comments From stefos@msc.gr  2003-12-02 07:43 -------
ok, I found a workaround to my problem by placing the <limit> tag directly into
the httpd.conf instead of a .htaccess file

This looks then like this
<VirtualHost....
  <Location /protecteddir>
		AuthUserFile /path_to_.htpasswd
		AuthGroupFile /dev/null
		AuthName "Please enter username and password"
		AuthType Basic
		<Limit GET POST>
		require valid-user
		</Limit>
  </Location> 

I remember from the 3.1 or 3.2 versions that this was the only way to use apache
for protecting jsp pages, but at least on 3.3 and 4.1.24 this worked also with
simple .htaccess files.
I have looked at my old configuration of 4.1.24 and could not find anything that
would explain this, so I assume that this is indeed a bug or just a change in
behaviour of the connector.

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message