tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pid <...@pidster.com>
Subject Re: Container managed security and Proxy support
Date Wed, 20 Oct 2010 16:39:10 GMT
On 20/10/2010 17:02, Oliver Wulff wrote:
> Thanks. To recap, I configure AJP13 with tomcatAuthentication equals to
> false but I still need the login-config and security-constraints in the
> web.xml...
> 
> Where can I let tomcat know to which roles a user belongs to?

That has to be done via Realm, AFAIK.  Which means you can't use the AJP
method.


p

> Thanks
> Oliver
> 
> 
> 
> 
>                                                                            
>              Pid                                                           
>              <pid@pidster.com>                                             
>                                                                         An 
>              20.10.2010 17:52           Tomcat Users List                  
>                                         <users@tomcat.apache.org>          
>                                                                      Kopie 
>               Bitte antworten                                              
>                     an                                               Thema 
>                "Tomcat Users            Re: Container managed security and 
>                    List"                Proxy support                      
>              <users@tomcat.apa                                             
>                  che.org>                                                  
>                                                                            
>                                                                            
>                                                                            
>                                                                            
> 
> 
> 
> 
> 
> On 20/10/2010 16:46, Oliver Wulff wrote:
>>
>> <img
>> src="http://zdownload.zurich.com/mailimages/ZHP_MailHeader.gif" />
>>
>> Hi there
>>
>> Different Realms are already provided by Tomcat to configure the
>> authentication. This allows the application developer to use the standard
>> Servlet API to retrieve security related informations like username and
>> whether the user belongs to a role or not. Further, you can configure
>> access restrictions based on roles in web.xml.
>>
>> When the whole authentication happens within a reverse proxy (mod_proxy
> of
>> apache server) how can I still benefit from container managed security in
>> tomcat? The password is not available anymore so that I could configure
> one
>> of the Realms.
>>
>> Is there any out of the box solution in Tomcat?
> 
> For the AJP connector:
> 
>  tomcatAuthentication=false
> 
>  http://tomcat.apache.org/tomcat-6.0-doc/config/ajp.html
> 
> 
> 
> p
> [attachment "0x62590808.asc" deleted by Oliver Wulff/CHK/External/Zurich]
> [attachment "signature.asc" deleted by Oliver Wulff/CHK/External/Zurich]
> 
> 
> 
> 
> 
> 
> 
> ******************* BITTE BEACHTEN *******************
> Diese Nachricht (wie auch allfällige Anhänge dazu) beinhaltet
> möglicherweise vertrauliche oder gesetzlich geschützte Daten oder
> Informationen. Zum Empfang derselben ist (sind) ausschliesslich die
> genannte(n) Person(en) bestimmt. Falls Sie diese Nachricht
> irrtümlicherweise erreicht hat, sind Sie höflich gebeten, diese unter
> Ausschluss jeder Reproduktion zu zerstören und die absendende Person
> umgehend zu benachrichtigen. Vielen Dank für Ihre Hilfe.
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 


Mime
View raw message