bug in apache 2 authentication + tomcat 4.1.29 + mod

Google

Mailing List

Home

Forum Home

JBoss - Java Application Server

Struts - A MVC web framework

Tomcat - JSP/Servlet container

iText - An open source PDF Java Library

JDOM - JDOM XML Parser

J2EE - A mailing list for Java(tm) 2 Platform, Enterprise Edition

J2EE Pattern - An interest list for Sun Java Center J2EE Pattern Catalog

Servlet - A mailing list for discussion about Sun Microsystem's Java Servlet API Technology

JSP - A mailing list about Java Server Pages specification and reference

Struts & Hibernate

Subjects

•	JSP editor plugin for eclipse ?
•	org apache jasper JasperException: Unable to compile class for JSP
•	Tomcat: Connection reset by peer: socket write error
•	Cannot retrieve definition for form bean null
•	Struts Tiles Tutorial (free Struts training)
•	Where do I download Tomcat 4 0 6?
•	Data Access Object (DAO) pattern, example DAO 's
•	Where to download Tomcat v 4 1 24 from?
•	Tomcat 5 0 16 Requested resource not available
•	Oracle Connection Pooling in 3 2 2
•	Servlet : Session invalidate
•	Servlet action is currently unavailable
•	Tomcat/Struts Unicode Encoding/Decoding problems
•	Tomcat and webapplication specific java library path
•	Running a Simple JMS Example
•	Mapping in workers2 properties
•	org apache jasper JasperException
•	Cannot find message resources under key org apache struts action MESSAGE
•	problem with html:text bean throwing exception
•	Cannot find message resources under key org apache struts action MESSAGE
•	invalid direct reference problem with solution
•	Tool for jsp debug Try Sysdeo Eclipse Plugin
•	Tomcat 5 Cannot load JDBC driver class 'null ' SQL state: null
•	weblogic ejbc
•	java properties file
•	Jboss 3 2 3 Coyote Can 't re
•	Tomcat 5, Apache2 and mod jk2 integration problem
•	JBoss example problem new to J2EE
•	url string for connecting jboss to oracle
•	Value attribute of <html:checkbox
•	javax servlet ServletException: BeanUtils populate
•	HTTP Status 404 The requested resource is not available
•	5 0 18: Windows XP Pro vs Windows 2000

bug in apache 2 authentication + tomcat 4.1.29 + mod_jk 1.2.5 ?

bug in apache 2 authentication + tomcat 4.1.29 + mod_jk 1.2.5 ?

2003-12-09 - By Stefanos Karasavvidis

Back
I have an issue with apache authentication and tomcat, but I'm not sure
if this is a bug or just "the way it works".

I have
Apache 2.0.47 (windows + linux)
tomcat 4.1.29
mod_jk 1.2.5

The connector element has tomcatAuthentication=false (I tried also
putting this in jk2.properties, but this doesn't work anymore)

I protect entire directories by placing an .htaccess file in those
directories

The problem is that every request which is handled by tomcat (*.jsp)
bypasses the apache authentication. If the reqeust is handled directly
by apache (e.g. *.html), authentication works fine (login/password is
requested).

There is an exception when calling http://hostname/dirname/ when it goes
to a index.jsp. In this case apache asks for authentication. Calling
http://hostname/dirname/index.jsp directly does not ask for authentication.

The problem can be solved by placing the .htaccess directives directly
inside the httpd.conf file (<Location ....).

I know for sure that this worked perfectly with apache 1.3.2x and tomcat
4.1.24 and mod_jk 1.2.2, so I don't know if this is a tomcat issue
(4.1.29) or an apache issue (2.0.xx) or a mod_jk issue. But I also don't
know if this is "the way it should work".

I had filed a bug report
(http://nagoya.apache.org/bugzilla/show_bug.cgi?id=25055) because I
thought that I could not call getRemoteUser(), but this turned out to be
because of the above described problem.

So I'm asking the list
- is there anyone having apache 2.0.47 and latest 4.1.x tomcat and
latest mod_jk who works with .htaccess files?
- does authentication work as expected?

Thanks for any reply

Regards

Stefanos

-- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ------
To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
For additional commands, e-mail: tomcat-user-help@(protected)