tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From JensStu...@quidinfo.it
Subject RE: Login problem with reverse proxy
Date Mon, 12 Aug 2002 09:25:27 GMT

No, i have no concrete idea. My only doubt is, that the chain
browser-proxy-tomcat must be involved, that is your redirect somehow gets
executed over this chain, otherwise the problem would not exist. I think,
there is an option to say, wether redirects should be executed via the
browser or really internally, but i don't remember, where...

Regards,

Jens Stutte



                                                                                         
                   
                    Barney Hamish                                                        
                   
                    <Hamish.Barney@ect-te        To:     "'Tomcat Users List'"        
                      
                    lecoms.de>                   <tomcat-user@jakarta.apache.org>
                           
                                                 cc:                                     
                   
                    09/08/2002 13.52             Subject:     RE: Login problem with reverse
proxy           
                    Please respond to                                                    
                   
                    "Tomcat Users List"                                                  
                   
                                                                                         
                   
                                                                                         
                   




Thanks Jens. I'm afraid that doesn't help with my specific problem. This is
something to do with the forwarding of requests to the login page that
Tomcat does internally. I'm not sure how I can avoid that in the way I
design my application (if I want to use the built-in authentication method
without modifying the way Tomcat handles realms).
Do you know how I can deal with this specific problem?
Thanks,
Hamish



-----Original Message-----
From: JensStutte@quidinfo.it [mailto:JensStutte@quidinfo.it]
Sent: Friday, August 09, 2002 12:58 PM
To: Tomcat Users List
Subject: Re: Login problem with reverse proxy



Sorry for the empty mail, i struggled with my Lotus client (who the heck
creates a dialog box that defaults to "Send" when closing a modified mail
without sending it ?)...

I have a similar configuration here (slightly complicated due to the use of
struts). You must follow some rules in your design, to be able to do this:
- do not use browser redirects, but internal redirects. Or create
dynamically JavaScript redirects on your pages (not very nice, i know).
- use only relative URLs. Otherwise, especially if your application does
not map to your proxys root directory but some subfolder, nothing will
work.
- if you use struts, be aware of some tags, that create absolut URL pathes
(the form tag for example). I extended and overrided some of these tags in
order to create relative pathes (the struts community has decided, to not
treat this issue).

Hence, the most existing J2EE applications, that are not designed and
tested for a similar environment, most likely won't work without
modifications.

Regards,

Jens Stutte





                    JensStutte@qu

                    idinfo.it            To:     "Tomcat Users List"

                                         <tomcat-user@jakarta.apache.org>

                    09/08/2002           cc:

                    11.46                Subject:     Re: Login problem
with
reverse proxy
                    Please

                    respond to

                    "Tomcat Users

                    List"










                    Barney Hamish

                    <Hamish.Barney@ect-te        To:
"'tomcat-user@jakarta.apache.org'"
                    lecoms.de>
<tomcat-user@jakarta.apache.org>
                                                 cc:

                    09/08/2002 11.32             Subject:     Login problem
with reverse proxy
                    Please respond to

                    "Tomcat Users List"











Hi,
I'm using tomcat 3.2 with form based login and an apache reverse proxy to
filter requests to the webserver. When tomcat issues the redirect to the
login page the users are sent directly to the webserver not the reverse
proxy. As the webserver is not directly accessable they are unable to
request the log-in page. Is anyone aware of a way I can configure tomcat
and
or the reverse proxy to make this set-up work?


More info:

-----Internet------
           |
Reverse Proxy
           |
----Private Net----
           |
Webserver (with Tomcat)

When a request for a secure resource is sent to the reverse proxy, it
forwards that request to the webserver. If the user is not logged-in tomcat
tries to redirect the user to the login form. In that redirect Tomcat
apparently includes the IP address of the server upon which it is currently
residing. The reverse proxy forwards the webserver's response to the
client.
When the client tries to request the log-in page from the directly from the
webserver it is unable to reach the webserver.

Hamish

--
To unsubscribe, e-mail:   <
mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <
mailto:tomcat-user-help@jakarta.apache.org>






--
To unsubscribe, e-mail:   <
mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <
mailto:tomcat-user-help@jakarta.apache.org>






--
To unsubscribe, e-mail:
<mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail:
<mailto:tomcat-user-help@jakarta.apache.org>

--
To unsubscribe, e-mail:   <
mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <
mailto:tomcat-user-help@jakarta.apache.org>






--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message