Return-Path: 
 <tomcat-dev-return-39468-apmail-jakarta-tomcat-dev-archive=jakarta.apache.org@jakarta.apache.org>
Delivered-To: apmail-jakarta-tomcat-dev-archive@www.apache.org
Received: (qmail 7488 invoked from network); 2 Feb 2004 13:10:23 -0000
Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12)
  by minotaur-2.apache.org with SMTP; 2 Feb 2004 13:10:23 -0000
Received: (qmail 58005 invoked by uid 500); 2 Feb 2004 13:10:06 -0000
Delivered-To: apmail-jakarta-tomcat-dev-archive@jakarta.apache.org
Received: (qmail 57949 invoked by uid 500); 2 Feb 2004 13:10:06 -0000
Mailing-List: contact tomcat-dev-help@jakarta.apache.org; run by ezmlm
Precedence: bulk
List-Unsubscribe: <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
List-Subscribe: <mailto:tomcat-dev-subscribe@jakarta.apache.org>
List-Help: <mailto:tomcat-dev-help@jakarta.apache.org>
List-Post: <mailto:tomcat-dev@jakarta.apache.org>
List-Id: "Tomcat Developers List" <tomcat-dev.jakarta.apache.org>
Reply-To: "Tomcat Developers List" <tomcat-dev@jakarta.apache.org>
Delivered-To: mailing list tomcat-dev@jakarta.apache.org
Received: (qmail 57908 invoked from network); 2 Feb 2004 13:10:05 -0000
Received: from unknown (HELO exchange.sun.com) (192.18.33.10)
  by daedalus.apache.org with SMTP; 2 Feb 2004 13:10:05 -0000
Received: (qmail 19860 invoked by uid 50); 2 Feb 2004 13:10:21 -0000
Date: 2 Feb 2004 13:10:21 -0000
Message-ID: <20040202131021.19859.qmail@nagoya.betaversion.org>
From: bugzilla@apache.org
To: tomcat-dev@jakarta.apache.org
Cc: 
Subject: DO NOT REPLY [Bug 25055]  -
    bypass of apache authentication
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N
X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=25055>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=25055

bypass of apache authentication

stefos@msc.gr changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|getRemoteUser() returns null|bypass of apache
                   |- bypass of apache          |authentication
                   |authentication              |



------- Additional Comments From stefos@msc.gr  2004-02-02 13:10 -------
I had 3 private emails the past week about this issue from people who have the
same problem. I refered them to my comment from "2003-12-02 07:43".

As this is a security issue, I think this bug is important enough to justify a
comment in the release notes of mod_jk... 

I'm also changing the summary to reflect the real problem in this bug report and
not the initial problem I had encountered

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org