Greg thanks for this, sounds like it has potential, and It wont be a
problem with separate machines, but one problem I foresee though is the
new IE7 browser which disables cookies on the client by default, have
you tested it?
Christopher, I am currently using the Authorization header but the
server tries to authenticate before it serves the page so it still
prompts for the username and password, I haven't looked at the
REMOTE_USER field though, I would be curious to look at some
documentation on it.
Peter
Gregor Schneider wrote:
Peter,
I think this can be done with mod_auth_cookie_myql.
You will, however, have to write your own little SSO-Servlet / JSP
which updates the MySQL-DB with the JSSOSessionID-Cookie provided by
Tomcat. Apache will then read the Cookie from the database, check, if
this cookie is present on the client-side (browser) and grant access
to the protected area within Apache.
Works absolutely smooth for us (however: Apache / Tomcat reside on the
same machine, although we have 2 machines behind a
hardware-loadbalancer).
Check out http://www.freshports.org/www/mod_auth_cookie_mysql2
I've posted this on the apache-userlist already, you also might want
to check out http://comments.gmane.org/gmane.comp.apache.user/65363
In the above solution authorization is handled by Tomcat (Form based
Authorization).
Hope I got your problem right & HTH
Greg
--
Peter Stavrinides
Albourne Partners (Cyprus) Ltd
Tel: +357 22 750652
If you are not an intended recipient of this e-mail, please notify the sender, delete it and do not read, act upon, print, disclose, copy, retain or redistribute it. Please visit http://www.albourne.com/email.html for important additional terms relating to this e-mail.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
