Hello Sunil,
I'm not sure if I understand what you trying to do...
If you want Apache to authenticate there should be something like this in
httpd.conf
<Location /secure>
AuthType basic
AuthName "japan area"
AuthBasicProvider dbm
AuthDBMType SDBM
AuthDBMUserFile /www/etc/dbmpasswd
Require valid-user
</Location>
If you want Tomcat to do the authentication then
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>HARBOR Security</realm-name>
</login-config>
<security-constraint>
<!--this section dictates which URLS will invoke security-->
<web-resource-collection>
<web-resource-name>Test</web-resource-name>
<url-pattern>/service/admin</url-pattern>
</web-resource-collection>
<!--only users in these roles will get access to the above uri-->
<!--users are set in the conf/tomcat-users.xml file-->
<auth-constraint>
<role-name>japan_admin</role-name>
</auth-constraint>
</security-constraint>
I tried to find a good example for you, but I couldnt find anything for
mod_jk2.... maybe someone else can comment on this but I think mod_jk2 has been
deprecated (its old)... yes the numbering doesnt make sense. Anyway I think if
you use mod_jk in future, you will find many more people can help.
If you want SSL as well then have a look at the apache help file ie
http://apacheserver/manual
I dont know mod_jk2 but I think that any Cert or Ssl stuff in worker files must
be for SSL between Apache and Tomcat... and its not often needed or wanted.
Anyway... if you want little login box's to prompt the user.... must do
something like the above. If you do it in Apache then local users can still get
into Tomcat through a connector, if you do it in Tomcat then all users via
Apache or direct to tomcat will have to login. It depends on what your system
looks like... I think it will probably be easier to do it on Tomcat and then
deliver the WAR package to Japan. That way Apache admin person just needs a
simple connector setup.
Here is some sample stuff for mod_jk that will help you get going
http://tomcat.apache.org/tomcat-3.3-doc/mod_jk-howto.html
and some more for SSL
https://spaces.internet2.edu/display/SHIB/JKIdPInstall
Main point is if you start using MOD_JK then just googling for Tomcat Mod_jk
will give you losts of info....
Your english is much better than my japanese, but for prompting user login the
word to search for is AUTHENTICATION... searching for "security" will probably
give you SSL.
Hope that helps
----- Original Message -----
From: sunil chandran
To: Tomcat Users List
Cc: JOHN
Sent: Wednesday, April 04, 2007 10:58 AM
Subject: Re: problem in handlins request for JK2
Hi ,
this is the modifictaion i made in workers2.properties file:
------------------------------------------------------------------------------------------------------------------------
[channel.socket:localhost:8009]
info=Ajp13 forwarding over socket
debug=0
tomcatId=localhost:8009
# define the worker
[ajp13:localhost:8009]
channel=channel.socket:localhost:8009
group=lb
[uri:/cert]
info=Colavo Authentication.
debug=0
[uri:/]
info=Colavo Authentication.
debug=0
[uri:/event]
info=Colavo Authentication.
debug=0
[uri:/status]
[uri:/status02]
info=Colavo Authentication.
debug=0
-------------------------------------------------------------------
then i added
LoadModule jk2_module modules/mod_jk2.so
inside httpd.conf file in apache.
now i can succesfully run
http://serverIP/status
http://serverIP/cert?username=....&password=...
this is working fine. but i need to restrict from opening this URL from my
systtem
that url should ask for authorization required (401 error)
but the problem is i am able to run this url of server located in Japan from
my system also. which i should restrict.
i need to do some changes in httpd.conf file itself..
please help me forward
On 4/4/07, JOHN <[EMAIL PROTECTED]> wrote:
Please show us the setup files...
----- Original Message -----
From: "sunil chandran" < [EMAIL PROTECTED]>
To: <users@tomcat.apache.org>
Sent: Wednesday, April 04, 2007 9:02 AM
Subject: problem in handlins request for JK2
> Hello all,
>
> I am Sunil C.
> i have used JK2 connector to connect Apache and Tomcat
> I am having a servlet (Certserv) folder in webapps folder in Tomcat.
> i gave uri to that cert program in my workers2.properties file.
>
> everything is working fine.
>
> but i face a secuirty issue. this machine is in other domain. i mean
> Japan.
> i did a remote login and checked the uri . its working fine.
>
> the real problem lies ...when i type the uri from my machine. it should
> show
> "authentication required"
> because that folder is authentication restricted.
> but now ..i am able to run the uri from machine also.
>
> please tell me how can i restrict it.
>
> i tried giving :
>
> <Location "/cert">
> JkUriSet worker ajp13:localhost:8009
> </Location>
>
> but it doesnt seem to work.
>
> is there something i have to include in my httpd.conf file of Apache?
>
> please help me forward
>
> thanks in advance.
>
>
>
>
> --
> Sunil
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
Sunil
