On 20/10/2010 17:02, Oliver Wulff wrote:
> Thanks. To recap, I configure AJP13 with tomcatAuthentication equal to
> false but I still need the login-config and security-constraints in the
> web.xml...
> 
> Where can I let tomcat know which roles a user belongs to?

That has to be done via Realm, AFAIK.  Which means you can't use the AJP
method.


p

> Thanks
> Oliver
> 
> Pid <p...@pidster.com>, 20.10.2010 17:52
> To: Tomcat Users List <users@tomcat.apache.org>
> Please reply to: "Tomcat Users List" <us...@tomcat.apache.org>
> Subject: Re: Container managed security and Proxy support
> 
> On 20/10/2010 16:46, Oliver Wulff wrote:
>>
>> Hi there
>>
>> Different Realms are already provided by Tomcat to configure the
>> authentication. This allows the application developer to use the standard
>> Servlet API to retrieve security-related information like username and
>> whether the user belongs to a role or not. Further, you can configure
>> access restrictions based on roles in web.xml.
>>
>> When the whole authentication happens within a reverse proxy (mod_proxy of
>> apache server) how can I still benefit from container managed security in
>> tomcat? The password is not available anymore so that I could configure one
>> of the Realms.
>>
>> Is there any out of the box solution in Tomcat?
> 
> For the AJP connector:
> 
>  tomcatAuthentication=false
> 
>  http://tomcat.apache.org/tomcat-6.0-doc/config/ajp.html
> 
> 
> 
> p