grouper-users - Re: [grouper-users] RE: Authenticating Proxy In Front of Grouper UI
Subject: Grouper Users - Open Discussion List
List archive
- From: "Michael R. Gettes" <>
- To: Chris Hyzer <>
- Cc: "Waldbieser, Carl" <>, "" <>
- Subject: Re: [grouper-users] RE: Authenticating Proxy In Front of Grouper UI
- Date: Mon, 6 Oct 2014 19:55:24 +0000
- Accept-language: en-US
with apache, one can use mod_proxy_ajp to put almost anything into any
environment variable, even for AJP thingies which has similar characteristics
to mod_proxy. Of course, there is the old standby of mod_jk. depends on
your needs. and i don’t think you will need to write the little servlet
chris mentions. in short, mentioning what you are using as the proxy
front-end gives lots of clue as to what you could do.
/mrg
On Oct 6, 2014, at 3:45 PM, Chris Hyzer
<>
wrote:
> You say web proxy but also AJP... is it an HTTP reverse proxy or is it
> just apache does authn and does AJP to the tomcat? We do the latter, works
> fine, somehow the username is put in a request attribute (named
> REMOTE_USER). If you only have the ability to put the username in an HTTP
> header you could write a simple servlet filter (loaded first) that takes
> that puts it in REMOTE_USER
>
> Thanks,
> Chris
>
>
> -----Original Message-----
> From:
>
>
> [mailto:]
> On Behalf Of Waldbieser, Carl
> Sent: Monday, October 06, 2014 3:14 PM
> To:
>
> Subject: [grouper-users] Authenticating Proxy In Front of Grouper UI
>
>
> Question #1:
> If an authenticating web proxy is placed in front of the Tomcat service
> that hosts the Grouper UI, does the remote username have to be transmitted
> to Tomcat using an AJP connector? Can it be communicated over HTTP (e.g.
> in a header)? Would that be something I could test (e.g. using curl) on
> the back end?
>
>
> Question #2:
> What config file(s) for Grouper and/or Tomcat need to be edited to tell the
> Grouper UI that the user has already been authenticated?
>
> Thanks,
> Carl Waldbieser
> ITS Systems Programmer
> Lafayette College
- [grouper-users] Authenticating Proxy In Front of Grouper UI, Waldbieser, Carl, 10/06/2014
- [grouper-users] RE: Authenticating Proxy In Front of Grouper UI, Chris Hyzer, 10/06/2014
- Re: [grouper-users] RE: Authenticating Proxy In Front of Grouper UI, Michael R. Gettes, 10/06/2014
- [grouper-users] Re: Authenticating Proxy In Front of Grouper UI, Waldbieser, Carl, 10/06/2014
- [grouper-users] RE: Authenticating Proxy In Front of Grouper UI, Chris Hyzer, 10/06/2014
- [grouper-users] Re: Authenticating Proxy In Front of Grouper UI, Waldbieser, Carl, 10/06/2014
- [grouper-users] RE: Authenticating Proxy In Front of Grouper UI, Chris Hyzer, 10/06/2014
- Re: [grouper-users] RE: Authenticating Proxy In Front of Grouper UI, Bryan Wooten, 10/06/2014
- RE: [grouper-users] RE: Authenticating Proxy In Front of Grouper UI, Chris Hyzer, 10/07/2014
- Re: [grouper-users] RE: Authenticating Proxy In Front of Grouper UI, Bryan Wooten, 10/06/2014
- [grouper-users] RE: Authenticating Proxy In Front of Grouper UI, Chris Hyzer, 10/06/2014
- [grouper-users] Re: Authenticating Proxy In Front of Grouper UI, Waldbieser, Carl, 10/06/2014
- [grouper-users] RE: Authenticating Proxy In Front of Grouper UI, Chris Hyzer, 10/06/2014
- [grouper-users] RE: Authenticating Proxy In Front of Grouper UI, Chris Hyzer, 10/06/2014
Archive powered by MHonArc 2.6.16.