tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Pottinger, Hardy J." <Pottinge...@missouri.edu>
Subject RE: seeking help with stabilizing the persistence of a JSESSIONID
Date Fri, 04 Sep 2015 20:32:06 GMT
> Are you using AJP or HTTP as your proxy protocol? If AJP, are you
> using tomcatAuthentication="false" on your <Connector>? I'm not
> exactly sure what happens when you do that... you might get a
> NonLoginAuthenticator.

in our Vhost file, we have this:

<Location "/xmlui">
  ProxyPass         ajp://127.0.0.1:8009/xmlui retry=1 keepalive=on
  ProxyPassReverse  ajp://127.0.0.1:8009/xmlui
  ShibUseHeaders On
  SetEnv proxy-sendchunked 1
</Location>

in our server.xml file, we have this:
    <!-- Define an AJP 1.3 Connector on port 8009, just on localhost -->
    <Connector port="8009"
               enableLookups="false" redirectPort="8080" protocol="AJP/1.3" address="127.0.0.1"
tomcatAuthentication="false"
               maxSwallowSize="-1"
               connectionTimeout="1232000" disableUploadTimeout="false" connectionUploadTimeout="1232000"
URIEncoding="UTF-8"/>

So, we're using tomcatAuthentication="false"

I will try your suggestion of using NonLoginAuthenticator and see what I get. If it doesn't
work, I'll try your suggestion of setting a breakpoint and using a debugger to look at the
stack.

--Hardy
________________________________________
From: Christopher Schultz [chris@christopherschultz.net]
Sent: Thursday, September 03, 2015 4:31 PM
To: Tomcat Users List
Subject: Re: seeking help with stabilizing the persistence of a JSESSIONID

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hardy,

On 9/3/15 2:32 PM, Pottinger, Hardy J. wrote:
>> Are you actually using HTTP Basic authentication? You may be
>> configuring the wrong authenticator. (I know nothing about
>> Shibboleth)
>
> I'm using Apache HTTPD as a front-end (via mod_proxy) for Tomcat,
> since Shibboleth works (mostly) with Apache HTTPD. So, the
> authentication happens on the HTTPD side.

Are you using AJP or HTTP as your proxy protocol? If AJP, are you
using tomcatAuthentication="false" on your <Connector>? I'm not
exactly sure what happens when you do that... you might get a
NonLoginAuthenticator.

You could cause any error to occur in your application and then look
at the stack trace to find out what kind of authenticator you got (the
Valve will be in the stack trace).

- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org

iQIcBAEBCAAGBQJV6Lw8AAoJEBzwKT+lPKRYw44QAKJO9pb/0iH1JtQPO1MmRAdE
/NbcpF6wKZ1xnDOE41JmP1rf8KymoO0pv0CNKgdrQdFyFCARQMasEN6ujcW/KTpR
A3N1zdSnAeM/rW7yoh6JqBjJ14+sw65Ve5lZXVuxebJFXvLZePtTMzxV6Obgx4Tm
or+FXM7z7Kl1KsPv0ghYb65/iScpg5Dyi0o+WsOReZjkAivG1Sz0Oz7vHofN/nb+
SpvJD5g8mdQ630Creszmo4vlAUHS6ndvxKdR1xJVCCNwVFKqnAelKa1VUiWRZmb8
529fEh/KHU/GHr1gJ/WXfV5AQXJtMmgGVq+s7jfiyqfHK4b8zmiRgnmJf2M+ItAP
QVCIAhKFmA5BXsulcFoZXXduaBEGjtttD7pfOMcglH5kjm5HN0/0O7PoHKce815U
JHGSoqnsxjmxNa/s6X2CoTpBYdE2k8sGsr0CqWCMOvn++U9SrXW/l7ppi3TXqW5y
I4mlEvfgVG65/Oz2vxmTznTXSXiz+TBf8bcYQf1azKo7wJymxdN7k2qeNuuC7Tp1
p8pUPTF7LQ3u++z02esIP4+BVG6gwjh2Pvj/ghtlGu2wtZVmuSC1L5BvnV6+utgn
ybFrSXJvnxgeC1opUQyn9wQlDibH46MC6WLFWPwkgexKWUk2c5pOAQUn599EMKSn
UmrliKbkSJw81JWylVcc
=7pMV
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message