...
First, we suggest that you proxy the Java servlet container (eg. Tomcat) being used for Grouper WS with Apache HTTP Server (Apache). We recommend this approach because Apache offers so many choices for "basic" authentication that are easy to configure "out of the box". The details of how to proxy the container with Apache is out of scope for this wiki page but it is not hard to find examples (Google for 'apache tomcat ajp example').
With Apache proxying for the container using AJP, one can configure simple basic authentication that uses a login and password. For example your Apache configuration might include
Code Block |
---|
<Location /grouper-ws>
AuthType Basic
AuthName "Grouper WS"
AuthUserFile /etc/apache2/passwords
Require valid-user
</Location> |
You can then create the password file and set a password for the WS user. For example to create a password for the GrouperSystem user one might do