tomcat-users mailing list archives

From <oh...@cox.net>
Subject Re: Do any of the Tomcat LDAP-type realms support "no password" authentication?
Date Sat, 03 Dec 2011 00:13:04 GMT

---- ohaya@cox.net wrote: 
> P.S.  I forgot to mention:
> 
> As you know, I'd been using a sniffer, to see the data on the Apache-to-Tomcat connection.
> I have a sniff from earlier, where I was using "ProxyPass ajp://", and, comparing that sniff
> vs. a sniff that I have from when I tested with your suggested <Location>, in the latter
> sniff, I can see the userID (testuser), whereas in the former, that same area in the hex dump
> is basically just null-terminated strings.
> 
> So, it appears like, when the OAM stuff and the ajp: stuff is in the Apache .conf, as
> you were guessing, the userID isn't making it into the Apache-to-Tomcat/AJP connection at
> all.
> 
> Jim
> 


Hi,

Sorry for the top-post :(...

Here're the sniffs from the tests that I did:

a) Working (OAM disabled, <Location> per Andre):



00000000  12 34 02 AB 02 02 00 08  48 54 54 50 2F 31 2E 31   .4.«.... HTTP/1.1 
00000010  00 00 1F 2F 73 61 6D 70  6C 65 73 61 6A 70 2F 73   .../samp lesajp/s 
00000020  73 6F 41 4D 54 6F 6D 63  61 74 54 65 73 74 2E 6A   soAMTomc atTest.j 
00000030  73 70 00 00 0B 31 39 32  2E 31 36 38 2E 30 2E 37   sp...192 .168.0.7 
00000040  00 FF FF 00 14 61 70 61  63 68 65 31 2E 77 68 61   .ÿÿ..apa che1.wha 
00000050  74 65 76 65 72 2E 63 6F  6D 00 01 BB 01 00 09 A0   tever.co m..»...  
00000060  0B 00 14 61 70 61 63 68  65 31 2E 77 68 61 74 65   ...apach e1.whate 
00000070  76 65 72 2E 63 6F 6D 00  A0 0E 00 3F 4D 6F 7A 69   ver.com.  ..?Mozi 
00000080  6C 6C 61 2F 35 2E 30 20  28 57 69 6E 64 6F 77 73   lla/5.0  (Windows 
00000090  20 4E 54 20 36 2E 31 3B  20 72 76 3A 38 2E 30 29    NT 6.1;  rv:8.0) 
000000A0  20 47 65 63 6B 6F 2F 32  30 31 30 30 31 30 31 20    Gecko/2 0100101  
000000B0  46 69 72 65 66 6F 78 2F  38 2E 30 00 A0 01 00 3F   Firefox/ 8.0. ..? 
000000C0  74 65 78 74 2F 68 74 6D  6C 2C 61 70 70 6C 69 63   text/htm l,applic 
000000D0  61 74 69 6F 6E 2F 78 68  74 6D 6C 2B 78 6D 6C 2C   ation/xh tml+xml, 
000000E0  61 70 70 6C 69 63 61 74  69 6F 6E 2F 78 6D 6C 3B   applicat ion/xml; 
000000F0  71 3D 30 2E 39 2C 2A 2F  2A 3B 71 3D 30 2E 38 00   q=0.9,*/ *;q=0.8. 
00000100  00 0F 41 63 63 65 70 74  2D 4C 61 6E 67 75 61 67   ..Accept -Languag 
00000110  65 00 00 0E 65 6E 2D 75  73 2C 65 6E 3B 71 3D 30   e...en-u s,en;q=0 
00000120  2E 35 00 00 0F 41 63 63  65 70 74 2D 45 6E 63 6F   .5...Acc ept-Enco 
00000130  64 69 6E 67 00 00 0D 67  7A 69 70 2C 20 64 65 66   ding...g zip, def 
00000140  6C 61 74 65 00 00 0E 41  63 63 65 70 74 2D 43 68   late...A ccept-Ch 
00000150  61 72 73 65 74 00 00 1E  49 53 4F 2D 38 38 35 39   arset... ISO-8859 
00000160  2D 31 2C 75 74 66 2D 38  3B 71 3D 30 2E 37 2C 2A   -1,utf-8 ;q=0.7,* 
00000170  3B 71 3D 30 2E 37 00 A0  06 00 0A 6B 65 65 70 2D   ;q=0.7.  ...keep- 
00000180  61 6C 69 76 65 00 A0 05  00 1A 42 61 73 69 63 20   alive. . ..Basic  
00000190  64 47 56 7A 64 48 56 7A  5A 58 49 36 59 6D 56 7A   dGVzdHVz ZXI6YmVz 
000001A0  64 44 46 69 00 A0 08 00  01 30 00 03 00 08 74 65   dDFi. .. .0....te 
000001B0  73 74 75 73 65 72 00 04  00 05 42 61 73 69 63 00   stuser.. ..Basic. 
000001C0  08 00 12 44 48 45 2D 52  53 41 2D 41 45 53 32 35   ...DHE-R SA-AES25 
000001D0  36 2D 53 48 41 00 09 00  40 35 41 38 35 44 36 33   6-SHA... @5A85D63 
000001E0  44 46 33 32 42 35 42 38  36 34 44 42 32 37 31 34   DF32B5B8 64DB2714 
000001F0  38 39 37 31 31 31 41 42  34 44 35 30 33 32 30 45   897111AB 4D50320E 
00000200  39 41 33 38 41 42 46 36  46 38 37 44 30 46 42 43   9A38ABF6 F87D0FBC 
00000210  42 38 36 38 31 35 38 37  30 00 0B 01 00 0A 00 0F   B8681587 0....... 


b) Not working (w/OAM enabled and ajp: ProxyPass):



00000000  12 34 09 28 02 02 00 08  48 54 54 50 2F 31 2E 31   .4.(.... HTTP/1.1 
00000010  00 00 1F 2F 73 61 6D 70  6C 65 73 61 6A 70 2F 73   .../samp lesajp/s 
00000020  73 6F 41 4D 54 6F 6D 63  61 74 54 65 73 74 2E 6A   soAMTomc atTest.j 
00000030  73 70 00 00 0B 31 39 32  2E 31 36 38 2E 30 2E 37   sp...192 .168.0.7 
00000040  00 FF FF 00 14 61 70 61  63 68 65 31 2E 77 68 61   .ÿÿ..apa che1.wha 
00000050  74 65 76 65 72 2E 63 6F  6D 00 01 BB 01 00 0E A0   tever.co m..»...  
00000060  0B 00 14 61 70 61 63 68  65 31 2E 77 68 61 74 65   ...apach e1.whate 
00000070  76 65 72 2E 63 6F 6D 00  A0 0E 00 3F 4D 6F 7A 69   ver.com.  ..?Mozi 
00000080  6C 6C 61 2F 35 2E 30 20  28 57 69 6E 64 6F 77 73   lla/5.0  (Windows 
00000090  20 4E 54 20 36 2E 31 3B  20 72 76 3A 38 2E 30 29    NT 6.1;  rv:8.0) 
000000A0  20 47 65 63 6B 6F 2F 32  30 31 30 30 31 30 31 20    Gecko/2 0100101  
000000B0  46 69 72 65 66 6F 78 2F  38 2E 30 00 A0 01 00 3F   Firefox/ 8.0. ..? 
000000C0  74 65 78 74 2F 68 74 6D  6C 2C 61 70 70 6C 69 63   text/htm l,applic 
000000D0  61 74 69 6F 6E 2F 78 68  74 6D 6C 2B 78 6D 6C 2C   ation/xh tml+xml, 
000000E0  61 70 70 6C 69 63 61 74  69 6F 6E 2F 78 6D 6C 3B   applicat ion/xml; 
000000F0  71 3D 30 2E 39 2C 2A 2F  2A 3B 71 3D 30 2E 38 00   q=0.9,*/ *;q=0.8. 
00000100  A0 04 00 0E 65 6E 2D 75  73 2C 65 6E 3B 71 3D 30    ...en-u s,en;q=0 
00000110  2E 35 00 A0 03 00 0D 67  7A 69 70 2C 20 64 65 66   .5. ...g zip, def 
00000120  6C 61 74 65 00 A0 02 00  1E 49 53 4F 2D 38 38 35   late. .. .ISO-885 
00000130  39 2D 31 2C 75 74 66 2D  38 3B 71 3D 30 2E 37 2C   9-1,utf- 8;q=0.7, 
00000140  2A 3B 71 3D 30 2E 37 00  A0 06 00 0A 6B 65 65 70   *;q=0.7.  ...keep 
00000150  2D 61 6C 69 76 65 00 A0  09 02 C5 4F 62 53 53 4F   -alive.  ..ÅObSSO 
00000160  43 6F 6F 6B 69 65 3D 6B  30 67 61 31 62 38 62 55   Cookie=k 0ga1b8bU 
00000170  25 32 46 51 76 70 35 25  32 46 78 75 38 66 39 67   %2FQvp5% 2Fxu8f9g 
00000180  32 31 51 54 69 32 69 67  61 66 66 4B 41 34 78 6F   21QTi2ig affKA4xo 
00000190  4F 72 69 71 69 6F 45 69  53 53 72 6A 7A 74 58 6B   OriqioEi SSrjztXk 
000001A0  68 65 4C 6E 49 72 75 53  4B 52 4B 39 41 38 31 6B   heLnIruS KRK9A81k 
000001B0  33 70 63 25 32 46 50 44  57 68 4A 74 31 42 70 52   3pc%2FPD WhJt1BpR 
000001C0  44 75 57 64 30 65 47 65  79 6A 71 72 65 55 61 4C   DuWd0eGe yjqreUaL 
000001D0  25 32 46 44 78 6A 63 49  30 4C 54 63 44 25 32 46   %2FDxjcI 0LTcD%2F 
000001E0  6E 51 65 36 6D 5A 77 71  50 59 4F 61 34 66 46 42   nQe6mZwq PYOa4fFB 
000001F0  77 25 32 42 59 4C 78 36  59 54 54 4F 53 38 25 32   w%2BYLx6 YTTOS8%2 
00000200  42 62 78 25 32 46 36 45  44 67 47 45 47 57 6C 57   Bbx%2F6E DgGEGWlW 
00000210  72 63 56 72 39 49 25 32  46 47 70 72 7A 6F 4B 72   rcVr9I%2 FGprzoKr 
00000220  25 32 42 6F 77 67 68 35  59 6A 62 66 32 78 71 72   %2Bowgh5 Yjbf2xqr 
00000230  55 4F 72 32 30 63 77 25  32 42 38 59 63 33 30 68   UOr20cw% 2B8Yc30h 
00000240  52 64 39 38 4A 67 56 25  32 42 66 79 69 52 6B 31   Rd98JgV% 2BfyiRk1 
00000250  47 52 44 6F 38 6C 69 6D  67 32 4B 34 45 7A 30 45   GRDo8lim g2K4Ez0E 
00000260  37 78 73 59 55 61 4A 74  59 4C 62 77 65 53 65 4F   7xsYUaJt YLbweSeO 
00000270  77 4A 25 32 42 6D 50 6A  25 32 46 77 32 4C 79 74   wJ%2BmPj %2Fw2Lyt 
00000280  31 66 31 4A 69 47 71 66  59 50 71 7A 31 5A 67 6F   1f1JiGqf YPqz1Zgo 
00000290  41 73 78 25 32 46 75 75  67 37 34 38 6C 78 5A 34   Asx%2Fuu g748lxZ4 
000002A0  6A 67 49 78 6F 33 46 66  66 38 32 35 57 51 5A 54   jgIxo3Ff f825WQZT 
000002B0  4D 53 45 6A 6A 64 4B 32  73 4A 65 57 37 43 41 63   MSEjjdK2 sJeW7CAc 
000002C0  4F 55 30 44 4A 67 64 36  6A 38 37 41 51 48 63 44   OU0DJgd6 j87AQHcD 
000002D0  51 54 59 6B 37 49 61 30  75 25 32 46 41 25 33 44   QTYk7Ia0 u%2FA%3D 
000002E0  25 33 44 3B 20 4F 41 4D  5F 52 45 51 3D 69 6E 76   %3D; OAM _REQ=inv 
000002F0  61 6C 69 64 3B 20 4F 41  4D 5F 49 44 3D 56 45 52   alid; OA M_ID=VER 
00000300  53 49 4F 4E 5F 34 7E 2B  7A 66 38 45 5A 66 54 57   SION_4~+ zf8EZfTW 
00000310  63 4F 43 31 77 6B 41 55  53 4E 64 49 67 3D 3D 7E   cOC1wkAU SNdIg==~ 
00000320  30 63 49 38 55 52 78 70  33 30 5A 35 72 7A 43 34   0cI8URxp 30Z5rzC4 
00000330  37 4C 67 2B 36 4C 59 66  6F 2F 6A 6B 37 55 4E 55   7Lg+6LYf o/jk7UNU 
00000340  50 37 32 58 44 62 6A 38  52 79 2F 65 6A 6D 30 44   P72XDbj8 Ry/ejm0D 
00000350  6B 55 65 66 6E 4D 6C 57  76 7A 6A 73 46 32 6F 55   kUefnMlW vzjsF2oU 
00000360  46 76 52 2F 39 6D 6E 75  49 47 75 35 2F 37 77 4C   FvR/9mnu IGu5/7wL 
00000370  55 51 33 52 6A 48 70 59  57 7A 56 30 64 74 76 52   UQ3RjHpY WzV0dtvR 
00000380  39 38 37 52 53 4D 31 61  54 73 43 49 75 56 43 59   987RSM1a TsCIuVCY 
00000390  67 2B 71 79 75 35 43 4F  46 47 68 51 77 52 41 62   g+qyu5CO FGhQwRAb 
000003A0  46 72 2F 6D 67 41 48 36  35 51 33 37 41 6F 6E 45   Fr/mgAH6 5Q37AonE 
000003B0  4B 36 67 70 37 65 66 78  5A 5A 36 66 42 79 55 5A   K6gp7efx ZZ6fByUZ 
000003C0  6D 36 54 57 71 4A 74 5A  52 50 77 68 51 51 56 45   m6TWqJtZ RPwhQQVE 
000003D0  72 6D 73 59 35 43 4C 66  54 72 59 50 34 6E 48 6C   rmsY5CLf TrYP4nHl 
000003E0  2B 43 37 54 76 6D 6C 45  4A 6E 41 6D 6E 48 6C 64   +C7TvmlE JnAmnHld 
000003F0  59 38 57 51 59 74 34 6E  4E 72 53 7A 46 48 41 55   Y8WQYt4n NrSzFHAU 
00000400  49 69 4E 67 41 73 67 6A  35 2F 6C 43 36 77 74 51   IiNgAsgj 5/lC6wtQ 
00000410  63 39 6B 59 43 7A 5A 7A  62 67 79 67 2F 51 37 61   c9kYCzZz bgyg/Q7a 
00000420  00 00 15 4F 41 4D 5F 49  4D 50 45 52 53 4F 4E 41   ...OAM_I MPERSONA 


You can use the "keepalive" string snippet as a "marker" to try to align the two buffer dumps
above, and in the former, you can see "testuser" in there, whereas in the latter, that part
is empty.

Jim
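
Added example (not part of the original message): a small AJP13 Forward Request decoder that lists the headers and request attributes, so the remote_user attribute (code 0x03, the "03 00 08 testuser" bytes in dump a) can be read directly instead of by aligning hex dumps. The names parse_forward_request and build_sample and the sample host, URI and address are assumptions made for illustration; a capture that ends before the 0xFF attribute terminator is flagged as truncated rather than reported as lacking the attribute.

```python
import struct

# Header and attribute codes as listed in the AJP13 protocol reference.
HEADERS = dict(enumerate(("accept accept-charset accept-encoding accept-language authorization "
    "connection content-type content-length cookie cookie2 host pragma referer user-agent").split(), 1))
ATTRS = dict(enumerate(("context servlet_path remote_user auth_type query_string route ssl_cert "
    "ssl_cipher ssl_session req_attribute ssl_key_size secret stored_method").split(), 1))

def parse_forward_request(pkt):
    """Decode headers and attributes of one AJP13 Forward Request packet."""
    if pkt[:2] != b"\x12\x34" or pkt[4:5] != b"\x02":
        raise ValueError("not an AJP13 Forward Request")
    pos, out = 6, {"headers": {}, "attributes": {}, "truncated": False}
    def u16():
        nonlocal pos
        pos += 2
        return struct.unpack_from(">H", pkt, pos - 2)[0]
    def string():                       # 2-byte length, bytes, NUL; 0xFFFF means null
        nonlocal pos
        n = u16()
        if n == 0xFFFF:
            return None
        if pos + n > len(pkt):
            raise IndexError("capture ends inside a string")
        pos += n + 1
        return pkt[pos - n - 1:pos - 1].decode("latin-1")
    try:
        for _ in range(5):              # protocol, URI, remote_addr, remote_host, server_name
            string()
        pos += 3                        # server_port (2 bytes) + is_ssl (1 byte)
        for _ in range(u16()):          # header name is a 0xA0xx code or a plain string
            name = HEADERS.get(u16() & 0xFF, "?") if pkt[pos] == 0xA0 else string()
            out["headers"][name] = string()
        while pkt[pos] != 0xFF:         # 0xFF terminates the attribute list
            code, pos = pkt[pos], pos + 1
            # req_attribute (0x0A) carries its own name before the value
            name = ATTRS.get(code, hex(code)) + (f":{string()}" if code == 0x0A else "")
            out["attributes"][name] = u16() if code == 0x0B else string()
    except (struct.error, IndexError):  # capture cut short: absence is not proven
        out["truncated"] = True
    return out

def build_sample(user):  # constructed test packet; host, URI and address are made up
    s = lambda v: struct.pack(">H", len(v)) + v + b"\x00"
    body = (b"\x02\x02" + s(b"HTTP/1.1") + s(b"/app/test.jsp") + s(b"192.0.2.7") + b"\xff\xff"
            + s(b"www.example.test") + struct.pack(">HBH", 443, 1, 2) + b"\xa0\x0b"
            + s(b"www.example.test") + s(b"X-Demo") + s(b"1"))
    body += (b"\x03" + s(user) + b"\x04" + s(b"Basic") if user else b"") + b"\x0b\x01\x00\xff"
    return b"\x12\x34" + struct.pack(">H", len(body)) + body
```

Feed it the raw bytes of one captured Apache-to-Tomcat packet; when "truncated" is True the attribute section was not fully captured and a missing remote_user proves nothing.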
