After reading apache doc and code I finaly fix my problem. It is a solution for my case only. But it may be interesting for someone...

All my site need authentification so i put this <Directory> section in my access.conf:

<Directory /usr/local/apache/htdocs>
AuthType Basic
AuthName www
AuthUserFile /usr/local/apache/etc/passwd
require valid-user
</Directory>

and

JkMount /webapp/* ajp3

It works fine with apache 1.3.

With apache 2.2, the REMOTE_USER is not pass to tomcat.
Why?
When the hook 'map_to_storage' is called, mod_jk returns OK. So, according to the apache doc, <directory> sections have no effect (core.c ignore <Directory> and <Files> sections). So, the mod_auth_basic is not execute and the REMOTE_USER variable is not set.

The solution is to use a <Location> section. So I just made this change:

<Location />
AuthType Basic
AuthName www
AuthUserFile /usr/local/apache/etc/passwd
require valid-user
</Location>

I can do that because all my site need authentification. With real url path (like <Location /url/path>) this solution is more dangerous.

Manu.


Emmanuel.Leguy a écrit :

Hello,

I've just found this message, with no solution, in the archive:

http://marc.theaimsgroup.com/?l=tomcat-user&m=105163335014996&w=2

It is exactly my problem:

I use apache authentification (basic) and the remote_user variable is passing to tomcat. In a struts action i can get the variable with HttpServletRequest.getRemoteUser(). Everything is ok with apache 1.3.33, mod_jk 1.2.15 and tomcat 5.5.9.

I would like to upgrade my http server to apache 2.2 and i can't get the remote_user (HttpServletRequest.getRemoteUser() == null).

I use the directive JkEnvVar REMOTE_USER %{REMOTE_USER} => no success
In my server.xml:
<Connector port="8009" protocol="AJP/1.3" tomcatAuthentication="false" address="127.0.0.1"/>
Is there a solution?
Will i have more chance with mod_proxy_ajp?

Thanx,

Manu.



--
Emmanuel Leguy                  LIFL - UMR8022 CNRS - Bat M3
Tel: +33 3 28 77 85 32          USTL - Universite de Lille 1
Fax: +33 3 28 77 85 37          59655 VILLENEUVE D'ASCQ CEDEX - FRANCE

mailto:[EMAIL PROTECTED]        
http://www.lifl.fr/ANNUAIRE/employee.php?login=leguye

Ce mail est signe par un certificat X509 fourni par le CNRS
La verification de ce certificat peut etre faite a l'adresse suivante: http://igc.services.cnrs.fr/CNRS-Standard/recherche.html

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to