tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel G <>
Subject client + proxy Apache + Tomcat 5 (HTTP authentication)
Date Mon, 06 Nov 2006 13:03:19 GMT
hello list,

My configuration is C(client) - (P)Apache 2.2.3 - (S)
Tomcat 5.5.20. 

I received the 'Unauthorized' response for different
approaches: mod_jk, mod_proxy_ajp. 
My scenario is: 
- a static HTML page, like a form, but no password;
the action value is a Perl script
- the cgi-bin/ should check the user's
entry and take a decision: read-only user or
read-write user.
- in Tomcat I have defined a memory realm (XML file),
there are only two groups/users : read-only and

When I loaded the mod_proxy_ajp, I can see all
request-response cycles exchanged between Apache
(Proxy) and the Client (C). The second cycle contains
WWW-Authorization and Authorization headers, but the
final result received on client is 401 Unauthorized.

For the mod_jk scenario there is no visible
WWW-Authorization/Authorization header but the same

My question is about the perl script and the right
behavior: should I take care of all steps executed by
HTTP 1.1 protocol for Basic authentication for the
dialog between Apache(P) and Tomcat(S) or all headers
are forwarded by default to Tomcat container by the

And for the mod_jk scenario where there is no proxy,
the Apache is just for fronting Tomcat the solution is
the same: take care for all cases in the static Perl

How the mod_cache module could be added in this case:
C -> P(Apache) -> S(Tom)? 

Many thanks for any hint, URL or notes.
Daniel G

Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message