tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Boemio, Neil (GEI, FGI)" <Neil.Boe...@ge.com>
Subject RE: Apache Authentication with Tomcat
Date Tue, 30 Sep 2003 15:59:25 GMT
Excellent!  This did the trick.  Thanks!

Now I get prompted and I can login .... but for some reason, request.getRemoteUser(), returns
null.  I am porting this application to Tomcat and this used to work just fine in JRun.  Any
ideas?

-----Original Message-----
From: Morgan Pyne [mailto:Morgan.Pyne@eur.sas.com]
Sent: Tuesday, September 30, 2003 11:27 AM
To: Tomcat Users List
Subject: RE: Apache Authentication with Tomcat


Hi Neil,

Use a "Location" directive in your httpd.conf instead. e.g.:

<Location /downloads>
    AuthType Basic
    AuthName "FGIC Downloads"
    AuthUserFile d:\apache\apache2\conf\passwords
    AuthGroupFile d:\apache\apache2\conf\groups
    Require group FGICMoodys
</Location>

"Directory" directives apply to the filesystem, "Location" directives apply to the URL space.

See the Apache manual for more details:
http://httpd.apache.org/docs-2.0/mod/core.html#location

Regards,
Morgan


> -----Original Message-----
> From: Boemio, Neil (GEI, FGI) [mailto:Neil.Boemio@ge.com] 
> Sent: Tuesday, September 30, 2003 17:17
> To: tomcat-user@jakarta.apache.org
> Subject: Apache Authentication with Tomcat
> 
> 
> I'm trying to protect a /downloads url in apache.   My webapp 
> in Tomcat is in ROOT.  So in the workers2.properties file 
> under apache, I have:
> 
> # Map the webapp to the Web server uri space
> [uri:/*]
> info=my website
> 
> So my app is working fine .... requests for /* are passed to 
> Tomcat and things are wonderful. But I want to protect 
> /downloads using apache.  But there really is no directory 
> under apache called \apache\apache2\htdocs\downloads.  There 
> is no need for one since requests are sent to Tomcat.  The 
> real directory is \Tomcat4.1\webapps\ROOT\downloads.
> 
> When I remove [uri:/*] from workers2.properties and create a 
> dummy htdocs\downloads directory under apache, the apache 
> authentication works fine.  But when I put [uri:/*] back, I 
> do not get prompted for ID/Password.  Here is what I have in 
> httpd.conf.  Any ideas?
> 
> <Directory d:\Apache\Apache2\htdocs\downloads>
>     AuthType Basic
>     AuthName "FGIC Downloads"
>     AuthUserFile d:\apache\apache2\conf\passwords
>     AuthGroupFile d:\apache\apache2\conf\groups
>     Require group FGICMoodys
> </Directory>
> 
> I tried using: <Directory 
> d:\Tomcat4.1\webapps\ROOT\downloads> but that didn't work.  
> Ideally, I want to tell apache to protect a URL not a file 
> system path, but obviously, that is not the syntax for the 
> Directory directive.
> 
> Windows 2000
> Tomcat 4.1.27
> Apache 2.0.47
> JK2 2.0.43
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Mime
View raw message