As far as I can tell, the following modification to the ApacheConfig.java class will enable form-based authentication to work for people using mod_jk.conf-auto with Apache.
mod_jk needs to be told to handle requests of the form "/webapproot/somedir/j_security_check" since a login.jsp page (for form-based authentication) may exist at "/webapproot/somedir/login.jsp" and may specify "j_security_check" as the target of a form submission. In order for the form-based authentication machinery to work, it needs to get the POST request that is going to "/webapproot/somedir/j_security_check" which means that pattern has to be present in the mod_jk.conf-auto ie: the following line must be in the mod_jk configuration file: JkMount /webapproot/*j_security_check ajp12 Does anyone see any potential problems with this? -Mike Jennings Index: jakarta-tomcat/src/share/org/apache/tomcat/task/ApacheConfig.java =================================================================== RCS file: /home/cvspublic/jakarta-tomcat/src/share/org/apache/tomcat/task/Attic/ApacheConfig.java,v retrieving revision 1.12.2.2 diff -r1.12.2.2 ApacheConfig.java 202a203 > mod_jk.println("JkMount /*j_security_check ajp12"); 289a291 > mod_jk.println("JkMount " + path +"/*j_security_check ajp12");