-
1. Re: mod_jk2 version
lviz Apr 21, 2004 4:28 AM (in response to meinholz)we use
4 Boxes with
Apache/2.0.49 (Gentoo/Linux) mod_ssl/2.0.49 OpenSSL/0.9.7d mod_jk2/2.0.4
jboss-3.2.4RC2 from cvs
behind 2 LVS loadbalancers.
everything works as expected :)
what kind of problems do you have ?
cheers
L -
2. Re: mod_jk2 version
meinholz Apr 21, 2004 7:28 AM (in response to meinholz)I'm using almost identicle systems, gentoo, apache 2.0.49 (built by hand with whatever mod_ssl comes bundled), mod_jk2 2.0.4. I am using jboss 3.2.3 though.
I think the problem I'm having is a problem with mod_jk2 and not jboss. I am unable to get remoteUser from the HttpServletRequest. This is required for my application. I am not able to getRemoteUser with tomcat 4.1.30, mod_jk2, apache 2 combination either. It does however work with apache 1.3, mod_jk (tomcat or jboss). BTW, I do have the setting: tomcatAuthentication="false" in my configuration.
I can try with jboss 3.2.4RC1, but I guess I will have to back up to apache 1.3 and mod_jk. I will post a bug in tomcat bugzilla. Thanks,
Lloyd -
3. Re: mod_jk2 version
lviz Apr 21, 2004 9:12 AM (in response to meinholz)hi again
i did i litte research and testsetup
it worked for me, perfect!
tomcatAuthentication="false" means getRemoteUser return the user authenticated through Apache!
i did a
<Location /some/>
AuthName "MainRealm"
AuthType Basic
AuthUserFile /etc/apache2/users
require valid-user
i created a user with
htpasswd2 -c users someuser
and the request.getRemoteUser(); returned the user "someuser" ;)
cheers
L -
4. Re: mod_jk2 version
meinholz Apr 21, 2004 12:26 PM (in response to meinholz)Thank you very much. I have been tinkering with this problem off and on since apache 2 came out. I think the solution is more of a work around and it is a bug in mod_jk2, but at least I can deal with it.
Here is what is apparently happening. I have been using access control for my entire web site, so I put the Auth directives in the top level . If I add the Auth directives to all the <Location /webapps> (like you did in your example and which should be redundant to my understanding) then I am able to do a getRemoteUser(). If I don't have the Location directive, I can't get it.
I'm not an apache expert, but it doesn't seem like I should have to do auth at Location if I've already done auth at the level (I want to password protect my entire site, not just the webapps). And apache 1.3 and mod_jk don't require the Location directive to successfully use getRemoteUser().
Interesting and thanks a lot for taking the time to help resolving this issue!!!
Lloyd -
5. Re: mod_jk2 version
f2racer May 7, 2004 4:29 PM (in response to meinholz)"Lviz" wrote:
hi again
tomcatAuthentication="false" means getRemoteUser return the user authenticated through Apache!
Lviz or anybody else, where you you set tomcatAuthentication="false" in JBoss 3.2.3?
Thanks! -
6. Re: mod_jk2 version
lviz May 10, 2004 5:05 AM (in response to meinholz)hello f2racer
in server/*yourconfig*/deploy/jbossweb-tomcat*/META-IF/jboss-service.xml
add tomcatAuthentication="false" to your
apj13 connector
eg.<!-- A AJP 1.3 Connector on port 8009 --> <Connector className="org.apache.coyote.tomcat4.CoyoteConnector" address="${jboss.bind.address}" port="8009" minProcessors="20" maxProcessors="250" enableLookups="true" redirectPort="8443" tomcatAuthentication="false"........../>
cheers
L