> Are you using AJP or HTTP as your proxy protocol? If AJP, are you > using tomcatAuthentication="false" on your <Connector>? I'm not > exactly sure what happens when you do that... you might get a > NonLoginAuthenticator.
in our Vhost file, we have this: <Location "/xmlui"> ProxyPass ajp://127.0.0.1:8009/xmlui retry=1 keepalive=on ProxyPassReverse ajp://127.0.0.1:8009/xmlui ShibUseHeaders On SetEnv proxy-sendchunked 1 </Location> in our server.xml file, we have this: <!-- Define an AJP 1.3 Connector on port 8009, just on localhost --> <Connector port="8009" enableLookups="false" redirectPort="8080" protocol="AJP/1.3" address="127.0.0.1" tomcatAuthentication="false" maxSwallowSize="-1" connectionTimeout="1232000" disableUploadTimeout="false" connectionUploadTimeout="1232000" URIEncoding="UTF-8"/> So, we're using tomcatAuthentication="false" I will try your suggestion of using NonLoginAuthenticator and see what I get. If it doesn't work, I'll try your suggestion of setting a breakpoint and using a debugger to look at the stack. --Hardy ________________________________________ From: Christopher Schultz [ch...@christopherschultz.net] Sent: Thursday, September 03, 2015 4:31 PM To: Tomcat Users List Subject: Re: seeking help with stabilizing the persistence of a JSESSIONID -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hardy, On 9/3/15 2:32 PM, Pottinger, Hardy J. wrote: >> Are you actually using HTTP Basic authentication? You may be >> configuring the wrong authenticator. (I know nothing about >> Shibboleth) > > I'm using Apache HTTPD as a front-end (via mod_proxy) for Tomcat, > since Shibboleth works (mostly) with Apache HTTPD. So, the > authentication happens on the HTTPD side. Are you using AJP or HTTP as your proxy protocol? If AJP, are you using tomcatAuthentication="false" on your <Connector>? I'm not exactly sure what happens when you do that... you might get a NonLoginAuthenticator. You could cause any error to occur in your application and then look at the stack trace to find out what kind of authenticator you got (the Valve will be in the stack trace). - -chris -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJV6Lw8AAoJEBzwKT+lPKRYw44QAKJO9pb/0iH1JtQPO1MmRAdE /NbcpF6wKZ1xnDOE41JmP1rf8KymoO0pv0CNKgdrQdFyFCARQMasEN6ujcW/KTpR A3N1zdSnAeM/rW7yoh6JqBjJ14+sw65Ve5lZXVuxebJFXvLZePtTMzxV6Obgx4Tm or+FXM7z7Kl1KsPv0ghYb65/iScpg5Dyi0o+WsOReZjkAivG1Sz0Oz7vHofN/nb+ SpvJD5g8mdQ630Creszmo4vlAUHS6ndvxKdR1xJVCCNwVFKqnAelKa1VUiWRZmb8 529fEh/KHU/GHr1gJ/WXfV5AQXJtMmgGVq+s7jfiyqfHK4b8zmiRgnmJf2M+ItAP QVCIAhKFmA5BXsulcFoZXXduaBEGjtttD7pfOMcglH5kjm5HN0/0O7PoHKce815U JHGSoqnsxjmxNa/s6X2CoTpBYdE2k8sGsr0CqWCMOvn++U9SrXW/l7ppi3TXqW5y I4mlEvfgVG65/Oz2vxmTznTXSXiz+TBf8bcYQf1azKo7wJymxdN7k2qeNuuC7Tp1 p8pUPTF7LQ3u++z02esIP4+BVG6gwjh2Pvj/ghtlGu2wtZVmuSC1L5BvnV6+utgn ybFrSXJvnxgeC1opUQyn9wQlDibH46MC6WLFWPwkgexKWUk2c5pOAQUn599EMKSn UmrliKbkSJw81JWylVcc =7pMV -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org