HI Michael,
we have add some Imdicators at the coming mod_jk 1.2.28 release.
===
JkLocalNameIndicator
Name of the Apache environment variable which can be used to
overwrite the forwarded local name. Use this only if you need to
adjust the data (see the proxy documentation).
The default value is "JK_LOCAL_NAME".
This directive has been added in version 1.2.28 of mod_jk.
JkLocalPortIndicator
Name of the Apache environment variable which can be used to
overwrite the forwarded local port. Use this only if you need to
adjust the data (see the proxy documentation).
The default value is "JK_LOCAL_PORT".
This directive has been added in version 1.2.28 of mod_jk.
JkRemoteHostIndicator
Name of the Apache environment variable which can be used to
overwrite the forwarded remote (client) host name. Use this only if
you need to adjust the data (see the proxy documentation).
The default value is "JK_REMOTE_HOST".
This directive has been added in version 1.2.28 of mod_jk.
JkRemoteAddrIndicator
Name of the Apache environment variable which can be used to
overwrite the forwarded remote (client) IP address. Use this only if
you need to adjust the data (see the proxy documentation).
The default value is "JK_REMOTE_ADDR".
This directive has been added in version 1.2.28 of mod_jk.
JkRemoteUserIndicator
Name of the Apache environment variable which can be used to
overwrite the forwarded user name. Use this only if you need to
adjust the data (see the proxy documentation).
The default value is "JK_REMOTE_USER".
This directive has been added in version 1.2.28 of mod_jk.
JkAuthTypeIndicator
Name of the Apache environment variable which can be used to
overwrite the forwarded authentication type. Use this only if you
need to adjust the data (see the proxy documentation).
The default value is "JK_AUTH_TYPE".
This directive has been added in version 1.2.28 of mod_jk.
===
Next step is to add a valve to tomcat base to set the indicator
values to request object :-)
Regards
Peter
Am 21.03.2009 um 00:10 schrieb Michael B Allen:
Hi All,
What is the status of this issue?
https://issues.apache.org/bugzilla/show_bug.cgi?id=41263
I am interested in this because NTLMSSP authentication is basically
not possible unless the remote port is accessible and I want people to
be able to use my product through Apache if possible.
The reason it is not possible is because the NTLMSSP protocol is a
three message "handshake" so it requires storing state with the
connection at least temporarily. If you store the state in the session
using the same key, that state may be incorrectly read or overwritten
if multiple requests from different connections with the same session
ID are processed concurrently. The only solution that I am aware of is
to store the state in the session but use a key that includes the
remote port. Without the remote port is is basically impossible to
correctly implement NTLMSSP authentication through mod_jk.
Can anyone indicate as to how this issue might be resolved either by
implementing getRemotePort via mod_jk or by using another method of
discerning connections from one another?
I write C just as well as I do Java so I'm willing to create a patch
if someone can provide a pointer and any implementation hints they
might have or snags they might know of.
Mike
--
Michael B Allen
Java Active Directory Integration
http://www.ioplex.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
