tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mickael Goujon <>
Subject Realm and Authentication with Tomcat 5.0, Apache 2 and mod_jk 1.2
Date Thu, 09 Feb 2006 11:40:05 GMT

We have a web application deployed under Tomcat 5.0 which uses a custom 
Realm for authentication. This custom Realm basically does a web service 
call using the user's credentials to authenticate with the web service 
server (basic WS-I username/password authentication).

If the web service call fails (user not allowed to call the web service 
with his credentials), then Tomcat authentication fails.

If the web service call succeed (user has access to the web service), 
then Tomcat authentication succeed and the Realm will store the Session 
object returned by the web service in a ThreadLocalContext to be reused 
later in the web application.

This works fine with Tomcat only, but as soon as I add mod_jk and try to 
use Apache to do the authentication and then pass the credentials to 
Tomcat (using tomcatAuthentication=false), I get the "403 - access 
denied" page.

I'd like to know if, in my configuration (Apache authentication + Tomcat 
Realm + tomcatAuthentication=false), Apache is supposed to pass the user 
  login/password to the Tomcat Realm or if the realm is not called at 
all (This would be the bad news I fear)?

My combination Apache/Tomcat/mod_jk works when I specify 
tomcatAuthentication=true. But, I'd like to have Apache authentication 
and the Tomcat Realm called automatically after that with the 
username/password... Is this possible or do I have to move my Session 
creation process somewhere else?

Hope you understood my problem,



Mickael Goujon
Software Engineer
Lion Bioscience Ltd

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message