hello list, My configuration is C(client) - (P)Apache 2.2.3 - (S) Tomcat 5.5.20.
I received the 'Unauthorized' response for different approaches: mod_jk, mod_proxy_ajp. My scenario is: - a static HTML page, like a form, but no password; the action value is a Perl script - the cgi-bin/theScript.pl should check the user's entry and take a decision: read-only user or read-write user. - in Tomcat I have defined a memory realm (XML file), there are only two groups/users : read-only and read-write. When I loaded the mod_proxy_ajp, I can see all request-response cycles exchanged between Apache (Proxy) and the Client (C). The second cycle contains WWW-Authorization and Authorization headers, but the final result received on client is 401 Unauthorized. For the mod_jk scenario there is no visible WWW-Authorization/Authorization header but the same result. My question is about the perl script and the right behavior: should I take care of all steps executed by HTTP 1.1 protocol for Basic authentication for the dialog between Apache(P) and Tomcat(S) or all headers are forwarded by default to Tomcat container by the mod_proxy_ajp? And for the mod_jk scenario where there is no proxy, the Apache is just for fronting Tomcat the solution is the same: take care for all cases in the static Perl script? How the mod_cache module could be added in this case: C -> P(Apache) -> S(Tom)? Many thanks for any hint, URL or notes. Daniel G __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
