thenticated.
But indeed this is no longer an Apache or a tomcat or tomcat Connector issue,
it is a
webapp logic or configuration issue.
On 16.05.2020 08:40, ohaya wrote:
> Hi,
>
> When I configure the OAM protection, they have the ability to configure
> values that go into HTTP headers (
just a Tomcat-related issue.
Jim
On Friday, May 15, 2020, 09:38:19 AM EDT, Christopher Schultz
wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Jim,
On 5/15/20 08:42, ohaya wrote:
> Yes, I am using Oracle Access Manager (OAM) so we have what they
> call an "OA
httpd side, which authenticates the user
before the
request gets passed to tomcat (via AJP) ?
On 15.05.2020 14:08, ohaya wrote:
> Hi Olaf,
>
> Thanks. I do appreciate that! I will do more digging.
>
> Jim
>
>
> On Friday, May 15, 2020, 07:41:50 AM EDT, Olaf
Hi Olaf,
Thanks. I do appreciate that! I will do more digging.
Jim
On Friday, May 15, 2020, 07:41:50 AM EDT, Olaf Kock
wrote:
On 15.05.20 13:23, ohaya wrote:
> Hi,
>
> I just tried adding the secret to the Apache side:
>
> ProxyPass ajp://192.168.218.XXX:8
ttpd.conf:
ProxyPass unknown Worker parameter
I am currently using Apache 2.4.39. Is there another way to specify the
"secret"?
Thanks,
Jim
On Friday, May 15, 2020, 07:04:44 AM EDT, ohaya
wrote:
Hi,
The Tomcat version I am using is 9.0.20. I will take a look at the chang
Hi,
The Tomcat version I am using is 9.0.20. I will take a look at the changelog.
This is the first time I have tried this, and I couldn't find much info, so I
appreciate the feedback. I will look for info about "secret".
I wasn't sure about the format on the Apache side for the
Hi,
I am using an Apache proxy in front of Tomcat 9, and I am using AJP connection
to connect from the Apache to Tomcat, and I have the Apache sending a username
to the Tomcat in a REMOTE_USER header.
In the Tomcat server.xml I have:
In the Apache httpd.conf, to test, this I have:
oh...@cox.net wrote:
Mark Thomas ma...@apache.org wrote:
On 07/07/2012 17:33, oh...@cox.net wrote:
Trace A:
java.util.logging.ErrorManager: 5
java.lang.NullPointerException
at
java.util.ListResourceBundle.handleGetObject(ListResourceBundle.java:109)
Hi,
I have a simple servlet deployed to Tomcat 6.0.35, and when I enable
load-on-startup in the web.xml, so that the servlet's init() method gets run
when Tomcat starts up, I get:
.
.
In LoginServlet.init: Returned from calling CreateDefaultInstance...
In LoginServlet.init: FINISHED
Mark Thomas ma...@apache.org wrote:
On 07/07/2012 13:40, oh...@cox.net wrote:
Can anyone tell me what might be causing the error, and how I can eliminate
the problem?
Since you have removed the part of the stack trace that might tell use
what the cause is, no.
Mark
Hi Mark,
Mark Thomas ma...@apache.org wrote:
On 07/07/2012 17:33, oh...@cox.net wrote:
Trace A:
java.util.logging.ErrorManager: 5
java.lang.NullPointerException
at
java.util.ListResourceBundle.handleGetObject(ListResourceBundle.java:109)
at
Hi,
Awhile ago, I had this thread, where I originally trying to see if I could get
Tomcat, using the AJP connector and tomcatAuthentication to work, when I had
an OAM webgate installed on the Apache proxy fronting the Tomcat:
Hi,
I'm trying to debug some problems while enabling JNDIRealm in Tomcat 6.0.33.
I've gotten Tomcat itself to output debug logging, but looking at the
JNDIRealm.java code, e.g.:
http://www.docjar.com/html/api/org/apache/catalina/realm/JNDIRealm.java.html
It looks like there's a bunch of debug
Konstantin Kolinko knst.koli...@gmail.com wrote:
2012/5/17 oh...@cox.net:
Hi,
I'm trying to debug some problems while enabling JNDIRealm in Tomcat 6.0.33.
I've gotten Tomcat itself to output debug logging, but looking at the
JNDIRealm.java code, e.g.:
oh...@cox.net wrote:
Konstantin Kolinko knst.koli...@gmail.com wrote:
2012/5/17 oh...@cox.net:
Hi,
I'm trying to debug some problems while enabling JNDIRealm in Tomcat
6.0.33.
I've gotten Tomcat itself to output debug logging, but looking at the
oh...@cox.net wrote:
oh...@cox.net wrote:
Konstantin Kolinko knst.koli...@gmail.com wrote:
2012/5/17 oh...@cox.net:
Hi,
I'm trying to debug some problems while enabling JNDIRealm in Tomcat
6.0.33.
I've gotten Tomcat itself to output debug
Konstantin Kolinko knst.koli...@gmail.com wrote:
2012/5/17 oh...@cox.net:
See
http://tomcat.apache.org/tomcat-6.0-doc/logging.html#Servlets_logging_API
Here's a partial stripped down version of my server.xml, to show the
JNDIRealm part in context. I guess that it's in
oh...@cox.net wrote:
Konstantin Kolinko knst.koli...@gmail.com wrote:
2012/5/17 oh...@cox.net:
See
http://tomcat.apache.org/tomcat-6.0-doc/logging.html#Servlets_logging_API
Here's a partial stripped down version of my server.xml, to show the
JNDIRealm
Christopher Schultz ch...@christopherschultz.net wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jim,
On 5/17/12 1:56 PM, oh...@cox.net wrote:
I think that the code snippet I sent earlier was the wrong one, but
it seems like I still should have gotten some output logging
Hi Chuck,
Thanks for the pointer to the CombinedRealm, but, as I've been working with the
test implementation that I mentioned for extending the JNDIRealm, I *think*
that I'm coming to the realization that I was asking for is probably not
possible, or at least not practical, unless I'm totally
André Warnier a...@ice-sa.com wrote:
Hi Jim.
As I recall, your original issue was that there is no OAM plugin for
Tomcat, and
therefore, you are doing the OAM authentication within the front-end Apache,
and then
passing the user-id to Tomcat.
And then, you find yourself in
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
Hi Jim.
As I recall, your original issue was that there is no OAM plugin for
Tomcat, and
therefore, you are doing the OAM authentication within the front-end
Apache, and
Hi,
This is a followup to an earlier thread, Do any of the Tomcat LDAP-type realms
support no password authentication?.
As I mentioned in that earlier thread, I'm still new to Tomcat, and still
trying to find my way around, and understand (somewhat) its security design, so
apologies in
Rainer Jung rainer.j...@kippdata.de wrote:
On 02.12.2011 17:49, André Warnier wrote:
oh...@cox.net wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
...
Connector port=8009 protocol=AJP/1.3 redirectPort=8443
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
...
Rainer Jung rainer.j...@kippdata.de wrote:
Although this thread has moved forward towards the role topic, I want to
give some infos about the user forwarding by mod_jk. Some of it was
already present in previous
Rainer Jung rainer.j...@kippdata.de wrote:
On 05.12.2011 10:42, oh...@cox.net wrote:
André Warniera...@ice-sa.com wrote:
oh...@cox.net wrote:
...
Rainer Jungrainer.j...@kippdata.de wrote:
Although this thread has moved forward towards the role topic, I want to
oh...@cox.net wrote:
Caldarale wrote:
From: oh...@cox.net [mailto:oh...@cox.net]
Subject: Re: Do any of the Tomcat LDAP-type realms support no password
authentication?
In other words, even though my valve code can assert a user
into Tomcat, and even if that
André Warnier a...@ice-sa.com wrote:
André Warnier wrote:
oh...@cox.net wrote:
oh...@cox.net wrote:
P.S. I forgot to mention:
As you know, I'd been using a sniffer, to see the data on the
Apache-to-Tomcat connection. I have a sniff from earlier, where I
was using
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
André Warnier wrote:
oh...@cox.net wrote:
oh...@cox.net wrote:
P.S. I forgot to mention:
As you know, I'd been using a sniffer, to see the data on the
Apache-to-Tomcat connection. I have a sniff
Now let me ask another question :
Why do you need to authenticate the user at the Apache level, and pass this
user-id to
Tomcat ?
Obviously, from the OAM documentation I scanned, there must exist an OAM
module directly
for Tomcat, to authenticate users there. Why are you not using
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
Now let me ask another question :
Why do you need to authenticate the user at the Apache level, and pass
this user-id to
Tomcat ?
Obviously, from the OAM documentation I scanned, there must exist an OAM
module
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
Now let me ask another question :
Why do you need to authenticate the user at the Apache level, and pass
this user-id to
Tomcat ?
Obviously, from the
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
Now let me ask another question :
Why do you need to authenticate the user at the Apache
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
Now let me ask another question :
Why do you need to
oh...@cox.net wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
Now let me ask
Hi,
I didn't say anything about it before, but I've been, in parallel with
our discussion, mucking around both the OAM innards and the Apache source
code, as best I can, trying to find out why that internal remote_user
string (it is, I believe, only internal to Apache),
Caldarale wrote:
From: oh...@cox.net [mailto:oh...@cox.net]
Subject: Re: Do any of the Tomcat LDAP-type realms support no password
authentication?
In other words, even though my valve code can assert a user
into Tomcat, and even if that same user already exists in the
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
...
Connector port=8009 protocol=AJP/1.3 redirectPort=8443
tomcatAuthentication=false /
That is correct. The false means that Tomcat will not do it's own
authentication, and
will instead rely on the
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
...
Connector port=8009 protocol=AJP/1.3 redirectPort=8443
tomcatAuthentication=false /
That is correct. The false means that Tomcat will not do it's own
authentication,
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
...
Connector port=8009 protocol=AJP/1.3 redirectPort=8443
tomcatAuthentication=false /
That is correct. The false means
Christopher Schultz ch...@christopherschultz.net wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jim,
On 12/2/11 11:26 AM, oh...@cox.net wrote:
Sure. Here's the section from httpd.conf. This is testing where I
purposely insert a REMOTE_USER HTTP header into the request
oh...@cox.net wrote:
Christopher Schultz ch...@christopherschultz.net wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jim,
On 12/2/11 11:26 AM, oh...@cox.net wrote:
Sure. Here's the section from httpd.conf. This is testing where I
purposely insert a
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
.. re-synchronising..
I've made some progress. I have a VirtualHost, so I had to add a
JkMountCopy 'on' inside the VirtualHost, and now, it's at least
proxying through to the Tomcat using mod_jk!!
BUT, it's still
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
.. re-synchronising..
I've made some progress. I have a VirtualHost, so I had to add a
JkMountCopy 'on' inside the VirtualHost, and now, it's at least
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
.. re-synchronising..
I've made some progress. I have a VirtualHost, so I had to add a
JkMountCopy 'on' inside the
P.S. I forgot to mention:
As you know, I'd been using a sniffer, to see the data on the Apache-to-Tomcat
connection. I have a sniff from earlier, where I was using ProxyPass ajp://,
and, comparing that sniff vs. a sniff that I have from when I tested with your
suggested Location, in the
oh...@cox.net wrote:
P.S. I forgot to mention:
As you know, I'd been using a sniffer, to see the data on the
Apache-to-Tomcat connection. I have a sniff from earlier, where I was using
ProxyPass ajp://, and, comparing that sniff vs. a sniff that I have from
when I tested with
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
Hi,
I'm new here, and hope that someone can help.
I was wondering if any of the LDAP-type realms (e.g., JNDIRealm, etc.)
support an authentication mode where no password or credentials are
required? In other
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
Hi,
I'm new here, and hope that someone can help.
I was wondering if any of the LDAP-type realms (e.g., JNDIRealm, etc.)
support an authentication mode
Mark Thomas ma...@apache.org wrote:
On 01/12/2011 18:17, oh...@cox.net wrote:
Having said all of that, I guess that my question has changed
somewhat. Specifically, now I'm wondering: With what I described
above, and with my valve as described above, does the asserted user
NOT
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
Hi,
I'm new here, and hope that someone can help.
I was wondering if any of the LDAP-type realms (e.g., JNDIRealm,
oh...@cox.net wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
André Warnier a...@ice-sa.com wrote:
oh...@cox.net wrote:
Hi,
I'm new here, and hope that someone can help.
I was wondering if any of
Caldarale wrote:
From: oh...@cox.net [mailto:oh...@cox.net]
Subject: Re: Do any of the Tomcat LDAP-type realms support no password
authentication?
In my sniffer, I can see the REMOTE_USER set to the hard-coded
string, but in my test JSP on Tomcat, there getUserPrincipal()
Hi,
I'm new here, and hope that someone can help.
I was wondering if any of the LDAP-type realms (e.g., JNDIRealm, etc.) support
an authentication mode where no password or credentials are required? In other
words, where just a userID/username is presented, and if that userID/username
is
Hi,
I have a web application that works when run directly under Tomcat. This web
app has the following in web.xml:
security-constraint
web-resource-collection
web-resource-nametestweb/web-resource-name
description accessible by authenticated
Hi,
AHH!!
I was only looking through the Eclipse GUI settings, and hadn't noticed that
under Servers--Tomcat v5.5 in the Eclipse Project Explorer, there were
catalina.policy, etc. files, including tomcat-users.xml :(...
So, I added my role and user definitions to that tomcat-users.xml, and it
56 matches
Mail list logo
