Mark Montague wrote:
...
Any advice on how to solve this problem? I need Tomcat 6 to use the
authentication performed by the front-end webserver without breaking the
roles required by the Tomcat Manager webapp.
I know that it does not answer your question, but may I ask why ?
If you already do the user authentication in the front-end Apache httpd, can you not do a
"role-equivalent" check there too, before you proxy the call to Tomcat ?
Like
<Location /manager>
Require group manager
ProxyPass ajp://tomcat:8009
</Location>
(and remove the Tomcat auth constraints)
(Not sure it's so easy, but may be worth a try)
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
