There is no Tomcat, mod_jk nor httpd bug here.
The root cause of this thread is a configuration error.
>From the httpd docs for Location:
The URL may use wildcards. In a wild-card string, ? matches any single
character, and * matches any sequences of characters. Neither wildcard
character
On 08.10.2019 00:50, Magosányi Árpád wrote:
On 10/7/19 11:29 PM, André Warnier (tomcat) wrote:
DirectoryIndex off
RewriteEngine Off
AuthType openid-connect
AllowOverride None
AuthzDBDQuery "a correct database query"
Require dbd-group allrepo
LogLevel debug
On 10/7/19 11:29 PM, André Warnier (tomcat) wrote:
>
> DirectoryIndex off
> RewriteEngine Off
> AuthType openid-connect
> AllowOverride None
> AuthzDBDQuery "a correct database query"
> Require dbd-group allrepo
> LogLevel debug
>
Nice. It have solved the problem,
Adding to my own previous post :
A posteriori, I saw a question here :
https://stackoverflow.com/questions/58240796/pass-username-and-client-certificate-from-apache-to-tomcat-using-mod-jk
that may be related to your question on this list.
Examining the above, you problem may be in the httpd
On 07.10.2019 23:24, Magosányi Árpád wrote:
On 10/7/19 8:20 PM, André Warnier (tomcat) wrote:
Forgot the atribute 'tomcatAuthentication="false"' in the Connector ?
Yes, I did, however adding it back did not improve the situation.
Ok. I just mentioned that, because it is one piece of the
On 10/7/19 8:20 PM, André Warnier (tomcat) wrote:
>
> Forgot the atribute 'tomcatAuthentication="false"' in the Connector ?
>
Yes, I did, however adding it back did not improve the situation.
My server.xml now:
On 07.10.2019 17:36, Magosányi Árpád wrote:
Magosányi,
How are you getting the attributes from the request?
This is the filter code:
String user = httpRequest.getRemoteUser(); Object cert =
httpRequest.getAttribute("javax.servlet.request.X509Certificate");
> Magosányi,
>
> >> How are you getting the attributes from the request?
>
> > This is the filter code:
>
>
> > String user = httpRequest.getRemoteUser(); Object cert =
> > httpRequest.getAttribute("javax.servlet.request.X509Certificate");
> > this.context.log("user:"+user);
>
> This won't show
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Magosányi,
On 10/7/19 11:16, Magosányi Árpád wrote:
>> Magosányi,
>>
>> On 10/7/19 10:37, Magosányi Árpád wrote:
>>> I intend to use the user and certificate info in a Filter.
>>
>>> I think I have configured everything to do that, but the
>>>
> Magosányi,
>
> On 10/7/19 10:37, Magosányi Árpád wrote:
> > I intend to use the user and certificate info in a Filter.
>
> > I think I have configured everything to do that, but the
> > information does not get passed along. Based on various
> > documentations and howtos, SSLVerifyClient
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Magosányi,
On 10/7/19 10:37, Magosányi Árpád wrote:
> I intend to use the user and certificate info in a Filter.
>
> I think I have configured everything to do that, but the
> information does not get passed along. Based on various
> documentations
I intend to use the user and certificate info in a Filter.
I think I have configured everything to do that, but the information does not
get passed along. Based on various documentations and howtos, SSLVerifyClient
require, SSLOptions +StdEnvVars and SSLOptions +ExportCertData and JkExtractSSL
12 matches
Mail list logo
