This week's book giveaways are in the Cloud and AI/ML forums.
We're giving away four copies each of Cloud Native Patterns and Natural Language Processing and have the authors on-line!
See this thread and this one for details.
Win a copy of Cloud Native PatternsE this week in the Cloud forum
or Natural Language Processing in the AI/ML forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Devaka Cooray
  • Liutauras Vilda
  • Jeanne Boyarsky
  • Bear Bibeault
Sheriffs:
  • Paul Clapham
  • Knute Snortum
  • Rob Spoor
Saloon Keepers:
  • Tim Moores
  • Ron McLeod
  • Piet Souris
  • Stephan van Hulst
  • Carey Brown
Bartenders:
  • Tim Holloway
  • Frits Walraven
  • Ganesh Patekar

Getting j_security_check + ProxyPass to work when app is "default"?

 
Greenhorn
Posts: 29
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm trying to log into a tomcat app (6.0.x) using apache (2.2.x) as the front end using mod_proxy_ajp. Everything works great except when I try to set up the app as a "default" or "root" app for my domain. In this case, the login fails because it appears that j_security_check is not being forwarded correctly.

For example: I can get http://www.mydomain.com/mywebapp/secureAction.do works fine. In this case my apache VirtualHost configuration looks like:



However, if I try to make it the default app for my domain (e.g. http://www.mydomain.com/secureAction.do) Apache fails with a connection reset exception. The access_log displays about 10 entries like:



In this case, my apache VirtualHost looks like:



I tried adding a line so the proxy passes look like :



But I got the same behavior as I got without that extra line.

Anyone have any ideas on the correct way to do this? BTW, I really DO want everything for this specific domain to get fowarded to the webapp. My only problem right now is related to the tomcat login.

Thanks in advance!
 
Galen Palmer
Greenhorn
Posts: 29
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
One last note: This is set up under Linux (centos5).
 
Galen Palmer
Greenhorn
Posts: 29
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I think I'm going to re-architect slightly so that the tomcat app is accessible from a named "context" (folder/directory/?) instead from root. In other words, instead of www.mydomain.com/mySecureAction.do have it under www.mydomain.com/mywebapp/mySecureAction.do .

I discover one thing that may help people. If my ProxyPass name did not match my tomcat webapp name, then security wasn't working at all (this was a local test using the default Apache 2 setup under Leopard).

In other words:


did not work, but this works fine:


By "work" I mean that the user was not able to log in under the 1st version but was under the 2nd version...
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!