www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Hollister <djhollis...@hotmail.com>
Subject mod_auth-any/6407: User Authentication for Servlets
Date Fri, 11 Aug 2000 01:22:43 GMT

>Number:         6407
>Category:       mod_auth-any
>Synopsis:       User Authentication for Servlets
>Confidential:   no
>Severity:       critical
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Thu Aug 10 18:30:00 PDT 2000
>Originator:     djhollister@hotmail.com
>Release:        1.3
Windows 2000, Apache 1.3.12, ApacheJserv/1.1.2, JSDK 2.0, JDK 1.2
My problem is exactly like the one in PR#3697.  I added the following lines, per PR#3697,
<LOCATION /servlets> Options None....etc </Location> to the jserv.conf file(also
tried the httpd.conf with no luck).  When I access a servlet they run without any username
and password window appearing.

Security on the sevlets directory is actually a workaround for what I'm really trying to do.
 I already have user authentication on the htdocs directory working fine.  However when a
simple html calls my servlet it does not pass the user name along to the servlet, ie when
I call getRemoteUser it is always null.  

I would prefer to just have the html form send the user name to the servlet, but I don't know
how to do that.  If that is not possible, I guess getting user authentication directly on
the servlets directory would suffice.

Thank you for any help.


 [In order for any reply to be added to the PR database, you need]
 [to include <apbugs@Apache.Org> in the Cc line and make sure the]
 [subject line starts with the report component and number, with ]
 [or without any 'Re:' prefixes (such as "general/1098:" or      ]
 ["Re: general/1098:").  If the subject doesn't match this       ]
 [pattern, your message will be misfiled and ignored.  The       ]
 ["apbugs" address is not added to the Cc line of messages from  ]
 [the database automatically because of the potential for mail   ]
 [loops.  If you do not include this Cc, your reply may be ig-   ]
 [nored unless you are responding to an explicit request from a  ]
 [developer.  Reply only with text; DO NOT SEND ATTACHMENTS!     ]

View raw message