henticated.
But indeed this is no longer an Apache or a tomcat or tomcat Connector issue,
it is a
webapp logic or configuration issue.
On 16.05.2020 08:40, ohaya wrote:
> Hi,
>
> When I configure the OAM protection, they have the ability to configure
> values that go into HTTP
nger just a Tomcat-related issue.
Jim
On Friday, May 15, 2020, 09:38:19 AM EDT, Christopher Schultz
wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Jim,
On 5/15/20 08:42, ohaya wrote:
> Yes, I am using Oracle Access Manager (OAM) so we have what they
> call an &qu
httpd side, which authenticates the user
before the
request gets passed to tomcat (via AJP) ?
On 15.05.2020 14:08, ohaya wrote:
> Hi Olaf,
>
> Thanks. I do appreciate that! I will do more digging.
>
> Jim
>
>
> On Friday, May 15, 2020, 07:41:50 AM EDT, Olaf
Hi Olaf,
Thanks. I do appreciate that! I will do more digging.
Jim
On Friday, May 15, 2020, 07:41:50 AM EDT, Olaf Kock
wrote:
On 15.05.20 13:23, ohaya wrote:
> Hi,
>
> I just tried adding the secret to the Apache side:
>
> ProxyPass ajp://192.168.218.XXX:8
ttpd.conf:
ProxyPass unknown Worker parameter
I am currently using Apache 2.4.39. Is there another way to specify the
"secret"?
Thanks,
Jim
On Friday, May 15, 2020, 07:04:44 AM EDT, ohaya
wrote:
Hi,
The Tomcat version I am using is 9.0.20. I will take a look at the chang
Hi,
The Tomcat version I am using is 9.0.20. I will take a look at the changelog.
This is the first time I have tried this, and I couldn't find much info, so I
appreciate the feedback. I will look for info about "secret".
I wasn't sure about the format on the Apache side for the
ProxyPass/P
Hi,
I am using an Apache proxy in front of Tomcat 9, and I am using AJP connection
to connect from the Apache to Tomcat, and I have the Apache sending a username
to the Tomcat in a REMOTE_USER header.
In the Tomcat server.xml I have:
In the Apache httpd.conf, to test, this I have:
ProxyPa
oh...@cox.net wrote:
>
> Mark Thomas wrote:
> > On 07/07/2012 17:33, oh...@cox.net wrote:
> >
> > Trace A:
> > > java.util.logging.ErrorManager: 5
> > > java.lang.NullPointerException
> > > at
> > > java.util.ListResourceBundle.handleGetObject(ListResourceBundle.java:109)
>
Mark Thomas wrote:
> On 07/07/2012 17:33, oh...@cox.net wrote:
>
> Trace A:
> > java.util.logging.ErrorManager: 5
> > java.lang.NullPointerException
> > at
> > java.util.ListResourceBundle.handleGetObject(ListResourceBundle.java:109)
> > at java.util.ResourceBundle.getObje
Mark Thomas wrote:
> On 07/07/2012 13:40, oh...@cox.net wrote:
> > Can anyone tell me what might be causing the error, and how I can eliminate
> > the problem?
>
> Since you have removed the part of the stack trace that might tell use
> what the cause is, no.
>
> Mark
Hi Mark,
Sorry
Hi,
I have a simple servlet deployed to Tomcat 6.0.35, and when I enable
in the web.xml, so that the servlet's init() method gets run
when Tomcat starts up, I get:
.
.
In LoginServlet.init: Returned from calling CreateDefaultInstance...
In LoginServlet.init: FINISHED initializing!!
Jul 7, 2012
Hi,
Awhile ago, I had this thread, where I originally trying to see if I could get
Tomcat, using the AJP connector and "tomcatAuthentication" to work, when I had
an OAM webgate installed on the Apache proxy fronting the Tomcat:
http://tomcat.10.n6.nabble.com/Do-any-of-the-Tomcat-LDAP-type-realm
Christopher Schultz wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Jim,
>
> On 5/17/12 1:56 PM, oh...@cox.net wrote:
> > I think that the code snippet I sent earlier was the wrong one, but
> > it seems like I still should have gotten some output logging for
> > the following
oh...@cox.net wrote:
>
> Konstantin Kolinko wrote:
> > 2012/5/17 :
> > >> >
> > >> > See
> > >> > http://tomcat.apache.org/tomcat-6.0-doc/logging.html#Servlets_logging_API
> > >> >
> > >>
> > >> Here's a partial stripped down version of my server.xml, to show the
> > >> JNDIRealm p
Konstantin Kolinko wrote:
> 2012/5/17 :
> >> >
> >> > See
> >> > http://tomcat.apache.org/tomcat-6.0-doc/logging.html#Servlets_logging_API
> >> >
> >>
> >> Here's a partial stripped down version of my server.xml, to show the
> >> JNDIRealm part in context. I guess that it's in the ?
> >>
oh...@cox.net wrote:
>
> oh...@cox.net wrote:
> >
> > Konstantin Kolinko wrote:
> > > 2012/5/17 :
> > > > Hi,
> > > >
> > > > I'm trying to debug some problems while enabling JNDIRealm in Tomcat
> > > > 6.0.33.
> > > >
> > > > I've gotten Tomcat itself to output debug loggin
oh...@cox.net wrote:
>
> Konstantin Kolinko wrote:
> > 2012/5/17 :
> > > Hi,
> > >
> > > I'm trying to debug some problems while enabling JNDIRealm in Tomcat
> > > 6.0.33.
> > >
> > > I've gotten Tomcat itself to output debug logging, but looking at the
> > > JNDIRealm.java code,
Konstantin Kolinko wrote:
> 2012/5/17 :
> > Hi,
> >
> > I'm trying to debug some problems while enabling JNDIRealm in Tomcat 6.0.33.
> >
> > I've gotten Tomcat itself to output debug logging, but looking at the
> > JNDIRealm.java code, e.g.:
> >
> > http://www.docjar.com/html/api/org/apac
Hi,
I'm trying to debug some problems while enabling JNDIRealm in Tomcat 6.0.33.
I've gotten Tomcat itself to output debug logging, but looking at the
JNDIRealm.java code, e.g.:
http://www.docjar.com/html/api/org/apache/catalina/realm/JNDIRealm.java.html
It looks like there's a bunch of debug
"André Warnier" wrote:
> oh...@cox.net wrote:
> > "André Warnier" wrote:
> >> Hi Jim.
> >>
> >> As I recall, your original issue was that there is no "OAM plugin" for
> >> Tomcat, and
> >> therefore, you are doing the OAM authentication within the front-end
> >> Apache, and then
"Caldarale wrote:
> > From: Robinson, Eric [mailto:eric.robin...@psmnv.com]
> > Subject: RE: Tomcat Silently Dies and then Won't Restart -- Error 1067
>
> > Tomcat 6 on our Windows 2003 R2 x64 server runs fine for a
> > day or two, then silently dies without leaving any messages
> > in th
"André Warnier" wrote:
> Hi Jim.
>
> As I recall, your original issue was that there is no "OAM plugin" for
> Tomcat, and
> therefore, you are doing the OAM authentication within the front-end Apache,
> and then
> passing the user-id to Tomcat.
> And then, you find yourself in Tomcat w
Hi Chuck,
Thanks for the pointer to the CombinedRealm, but, as I've been working with the
test implementation that I mentioned for extending the JNDIRealm, I *think*
that I'm coming to the realization that I was asking for is probably not
possible, or at least not practical, unless I'm totally
Hi,
This is a followup to an earlier thread, "Do any of the Tomcat LDAP-type realms
support "no password" authentication?".
As I mentioned in that earlier thread, I'm still new to Tomcat, and still
trying to find my way around, and understand (somewhat) its security design, so
apologies in
Rainer Jung wrote:
> On 05.12.2011 10:42, oh...@cox.net wrote:
> >
> > "André Warnier" wrote:
> >> oh...@cox.net wrote:
> >> ...
> >>> Rainer Jung wrote:
> Although this thread has moved forward towards the role topic, I want to
> give some infos about the user forward
"André Warnier" wrote:
> oh...@cox.net wrote:
> ...
> > Rainer Jung wrote:
> >> Although this thread has moved forward towards the role topic, I want to
> >> give some infos about the user forwarding by mod_jk. Some of it was
> >> already present in previous posts.
> >>
> >> 1) In
Rainer Jung wrote:
> On 02.12.2011 17:49, André Warnier wrote:
> > oh...@cox.net wrote:
> >> oh...@cox.net wrote:
> >>> "André Warnier" wrote:
> oh...@cox.net wrote:
> ...
> > > tomcatAuthentication="false" />
> >
> That is correct. The "false" means t
oh...@cox.net wrote:
>
> "Caldarale wrote:
> > > From: oh...@cox.net [mailto:oh...@cox.net]
> > > Subject: Re: Do any of the Tomcat LDAP-type realms support "no password"
> > > authentication?
> >
> > > In other words, even though my valve code can assert a user
> > > into Tomcat,
"Caldarale wrote:
> > From: oh...@cox.net [mailto:oh...@cox.net]
> > Subject: Re: Do any of the Tomcat LDAP-type realms support "no password"
> > authentication?
>
> > In other words, even though my valve code can assert a user
> > into Tomcat, and even if that same user already exists i
> > >
> > > Hi,
> > >
> > > I didn't say anything about it before, but I've been, in parallel with
> > > our discussion, mucking around both the OAM innards and the Apache source
> > > code, as best I can, trying to find out why that internal remote_user
> > > string (it is, I believe, only i
oh...@cox.net wrote:
>
> oh...@cox.net wrote:
> >
> > "André Warnier" wrote:
> > > oh...@cox.net wrote:
> > > > "André Warnier" wrote:
> > > >> oh...@cox.net wrote:
> > > >>> "André Warnier" wrote:
> > > oh...@cox.net wrote:
> > > >> Now let me ask anoth
oh...@cox.net wrote:
>
> "André Warnier" wrote:
> > oh...@cox.net wrote:
> > > "André Warnier" wrote:
> > >> oh...@cox.net wrote:
> > >>> "André Warnier" wrote:
> > oh...@cox.net wrote:
> > >> Now let me ask another question :
> > >> Why do you need to auth
"André Warnier" wrote:
> oh...@cox.net wrote:
> > "André Warnier" wrote:
> >> oh...@cox.net wrote:
> >>> "André Warnier" wrote:
> oh...@cox.net wrote:
> >> Now let me ask another question :
> >> Why do you need to authenticate the user at the Apache level, and pas
"André Warnier" wrote:
> oh...@cox.net wrote:
> > "André Warnier" wrote:
> >> oh...@cox.net wrote:
> Now let me ask another question :
> Why do you need to authenticate the user at the Apache level, and pass
> this user-id to
> Tomcat ?
> Obviously, from th
"André Warnier" wrote:
> oh...@cox.net wrote:
> >> Now let me ask another question :
> >> Why do you need to authenticate the user at the Apache level, and pass
> >> this user-id to
> >> Tomcat ?
> >> Obviously, from the OAM documentation I scanned, there must exist an OAM
> >> module di
> Now let me ask another question :
> Why do you need to authenticate the user at the Apache level, and pass this
> user-id to
> Tomcat ?
> Obviously, from the OAM documentation I scanned, there must exist an OAM
> module directly
> for Tomcat, to authenticate users there. Why are you not usi
oh...@cox.net wrote:
>
> "André Warnier" wrote:
> > André Warnier wrote:
> > > oh...@cox.net wrote:
> > >> oh...@cox.net wrote:
> > >>> P.S. I forgot to mention:
> > >>>
> > >>> As you know, I'd been using a sniffer, to see the data on the
> > >>> Apache-to-Tomcat connection.
"André Warnier" wrote:
> André Warnier wrote:
> > oh...@cox.net wrote:
> >> oh...@cox.net wrote:
> >>> P.S. I forgot to mention:
> >>>
> >>> As you know, I'd been using a sniffer, to see the data on the
> >>> Apache-to-Tomcat connection. I have a sniff from earlier, where I
> >>> w
oh...@cox.net wrote:
> P.S. I forgot to mention:
>
> As you know, I'd been using a sniffer, to see the data on the
> Apache-to-Tomcat connection. I have a sniff from earlier, where I was using
> "ProxyPass ajp://", and, comparing that sniff vs. a sniff that I have from
> when I tested
P.S. I forgot to mention:
As you know, I'd been using a sniffer, to see the data on the Apache-to-Tomcat
connection. I have a sniff from earlier, where I was using "ProxyPass ajp://",
and, comparing that sniff vs. a sniff that I have from when I tested with your
suggested , in the latter snif
oh...@cox.net wrote:
>
> "André Warnier" wrote:
> > oh...@cox.net wrote:
> > > "André Warnier" wrote:
> > >> oh...@cox.net wrote:
> > >>
> > >> .. re-synchronising..
> > >>> I've made some progress. I have a VirtualHost, so I had to add a
> > >>> "JkMountCopy 'on'" inside th
"André Warnier" wrote:
> oh...@cox.net wrote:
> > "André Warnier" wrote:
> >> oh...@cox.net wrote:
> >>
> >> .. re-synchronising..
> >>> I've made some progress. I have a VirtualHost, so I had to add a
> >>> "JkMountCopy 'on'" inside the , and now, it's at least
> >>> proxying thr
"André Warnier" wrote:
> oh...@cox.net wrote:
>
> .. re-synchronising..
> >
> > I've made some progress. I have a VirtualHost, so I had to add a
> > "JkMountCopy 'on'" inside the , and now, it's at least
> > proxying through to the Tomcat using mod_jk!!
> >
> > BUT, it's still not log
oh...@cox.net wrote:
>
> Christopher Schultz wrote:
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA1
> >
> > Jim,
> >
> > On 12/2/11 11:26 AM, oh...@cox.net wrote:
> > > Sure. Here's the section from httpd.conf. This is testing where I
> > > purposely insert a "REMOTE_USER" H
Christopher Schultz wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Jim,
>
> On 12/2/11 11:26 AM, oh...@cox.net wrote:
> > Sure. Here's the section from httpd.conf. This is testing where I
> > purposely insert a "REMOTE_USER" HTTP header into the request
> > being proxied. A
"André Warnier" wrote:
> oh...@cox.net wrote:
> > oh...@cox.net wrote:
> >> "André Warnier" wrote:
> >>> oh...@cox.net wrote:
> >>> ...
> tomcatAuthentication="false" />
>
> >>> That is correct. The "false" means that Tomcat will not do it's own
> >>> authe
oh...@cox.net wrote:
>
> "André Warnier" wrote:
> > oh...@cox.net wrote:
> > >
> > ...
> > >
> > > > > tomcatAuthentication="false" />
> > >
> > That is correct. The "false" means that Tomcat will not do it's own
> > authentication, and
> > will instead rely on the authenti
"André Warnier" wrote:
> oh...@cox.net wrote:
> >
> ...
> >
> > > tomcatAuthentication="false" />
> >
> That is correct. The "false" means that Tomcat will not do it's own
> authentication, and
> will instead rely on the authenticated user-id passed by the front-end server.
>
> N
"Caldarale wrote:
> > From: oh...@cox.net [mailto:oh...@cox.net]
> > Subject: Re: Do any of the Tomcat LDAP-type realms support "no password"
> > authentication?
>
> > In my sniffer, I can see the REMOTE_USER set to the hard-coded
> > string, but in my test JSP on Tomcat, there getUserPr
oh...@cox.net wrote:
>
> oh...@cox.net wrote:
> >
> > "André Warnier" wrote:
> > > oh...@cox.net wrote:
> > > > "André Warnier" wrote:
> > > >> oh...@cox.net wrote:
> > > >>> Hi,
> > > >>>
> > > >>> I'm new here, and hope that someone can help.
> > > >>>
> > > >>> I was
oh...@cox.net wrote:
>
> "André Warnier" wrote:
> > oh...@cox.net wrote:
> > > "André Warnier" wrote:
> > >> oh...@cox.net wrote:
> > >>> Hi,
> > >>>
> > >>> I'm new here, and hope that someone can help.
> > >>>
> > >>> I was wondering if any of the LDAP-type realms (e.g., JND
Mark Thomas wrote:
> On 01/12/2011 18:17, oh...@cox.net wrote:
> > Having said all of that, I guess that my question has changed
> > somewhat. Specifically, now I'm wondering: With what I described
> > above, and with my valve as described above, does the asserted user
> > NOT have to be
"André Warnier" wrote:
> oh...@cox.net wrote:
> > "André Warnier" wrote:
> >> oh...@cox.net wrote:
> >>> Hi,
> >>>
> >>> I'm new here, and hope that someone can help.
> >>>
> >>> I was wondering if any of the LDAP-type realms (e.g., JNDIRealm, etc.)
> >>> support an authentication m
"André Warnier" wrote:
> oh...@cox.net wrote:
> > Hi,
> >
> > I'm new here, and hope that someone can help.
> >
> > I was wondering if any of the LDAP-type realms (e.g., JNDIRealm, etc.)
> > support an authentication mode where no password or credentials are
> > required? In other word
Hi,
I'm new here, and hope that someone can help.
I was wondering if any of the LDAP-type realms (e.g., JNDIRealm, etc.) support
an authentication mode where no password or credentials are required? In other
words, where just a userID/username is presented, and if that userID/username
is pres
Hi,
AHH!!
I was only looking through the Eclipse GUI settings, and hadn't noticed that
under Servers-->Tomcat v5.5 in the Eclipse Project Explorer, there were
catalina.policy, etc. files, including tomcat-users.xml :(...
So, I added my role and user definitions to that tomcat-users.xml, and it
Hi,
I have a web application that works when run directly under Tomcat. This web
app has the following in web.xml:
testweb
accessible by authenticated users of the tomcat
role
/*
GET
POST
57 matches
Mail list logo
