Hi Andre (and Christopher and Olaf),
I think that that is a good summary of where this is at this point.
Thanks!
Jim
On Saturday, May 16, 2020, 08:23:54 AM EDT, André Warnier (tomcat/perl)
wrote:
In summary, yes, I think you're right in your final conclusion below.
If the tomcat
In summary, yes, I think you're right in your final conclusion below.
If the tomcat access log shows the authenticated user, it means that tomcat got it, and I
see no other way than from Apache and through that "tomcatAuthentication=false" option of
the tomcat AJP connector.
And that in turn
Hi,
When I configure the OAM protection, they have the ability to configure values
that go into HTTP headers (among other things) upon successful authentication
(to OAM).
I usually test this by protecting /cgi-bin/printenv on the Apache. printenv has
this :
##
## printenv -- demo CGI