tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ophusky"<>
Subject Re: Re: a question about Realm config
Date Thu, 01 Jun 2017 09:09:01 GMT
Thank you very much! I according to what you said it and solved the problem. 
I have modified  CATALINA_HOME/conf/server.xml to :

<Context path="/sample" docBase="/home/coremail/tomcat/webapps_exp/sample">
                <Realm className="org.apache.catalina.realm.LockOutRealm">
                <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
                     resourceName="UserDatabase" digest="MD5"/>  
                <Valve className="org.apache.catalina.authenticator.DigestAuthenticator"

Everything is all right,thanks again!



发件人:Mark Thomas <>
发送时间:2017-06-01 15:50
主题:Re: a question about Realm config
收件人:"Tomcat Users List"<>

This time to the list... 

On 01/06/17 08:02, ophusky wrote: 
> Tomcat version: 
> Nginx  version:openresty/ 
> OS:CentOS Linux release 7.3.1611 (Core) 
> I have already configure tomcat to use the DIGEST certification, 
> When I have direct access to Tomcat  all normal, 
>  can trigger the 
> certification and passed. 
> But when I through the nginx proxy access, 
>   have a few 
> problems,can trigger the certification but can't passed ,repeated 
> authentication dialog. 


> nginx.conf 
> location ~ /tomcat/ { 
>             rewrite ^/tomcat/(.*) /$1 break; 
>             proxy_pass; 
> } 
> Why cannot be accessed through the nginx and certified ? please help me 
> ,thanks! 

The request URL forms part of the DIGEST authentication process. By 
changing it in the reverse proxy, you are breaking the authentication 

You can disable the URI validation. See the validateUri attribute in


To unsubscribe, e-mail: 
For additional commands, e-mail: 
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message