-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Colin,
On 1/13/2010 4:33 PM, cgswtsu78 wrote: > Thanks for the info below. The problem I have is that the authentication is > already being done on the apache side as my java/tomcat web application > lives within an apache perl application. I'm just trying to prevent anyone > from being able to deep dive directly to the java/tomcat application via the > URL (i.e. http GET is the only issue). I was wondering if there is any way > that tomcat can check a flag to see if the user is auth'd and if not > redirect somewhere. Maybe I'm too narrowly focused here... If you use mod_jk to proxy requests from httpd to Tomcat, you should be getting authentication information passed across the wire to Tomcat. You'll need to set tomcatAuthentication="false" on your AJP <Connector> in order to have this information sent from httpd. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAktQkToACgkQ9CaO5/Lv0PApeACfSeHnFYIrObxRPiq09yMqffBJ 6xsAnRnSwnhbgmHd0MghZOKXLZIKp4ge =m1IJ -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
