...
Configure Apache with support for AJP proxying. For Debian 7 you may do
Code Block a2enmod proxy_ajp
On RHEL and its derivatives the proxy module is most likely already configured to be loaded.
Edit the Apache configuration for the virtual host that will support the Grouper UI and web services and add the lines below to enable AJP proxying to Tomcat:
Code Block ProxyPass /grouper/ ajp://localhost:8009/grouper/ retry=0 ProxyPass /grouper-ws/ ajp://localhost:8009/grouper-ws/ retry=0 ProxyPass /examples/ ajp://localhost:8009/examples/ retry=0
The /examples/ location will only be used for testing and will be deleted later.
Create a passwords file to allow simple basic auth for testing for the user 'GrouperSystem'. For example:
Code Block htpasswd -c /etc/apache2/passwords GrouperSystem New password: Re-type new password: Adding password for user GrouperSystem
Edit the apache configuration for the virtual host that will support the Grouper UI and web services and add the lines below for simple basic auth:
Code Block <Location /grouper> AuthType Basic AuthName "Grouper" AuthUserFile /etc/apache2/passwords Require valid-user </Location> <Location /grouper-ws> AuthType Basic AuthName "Grouper" AuthUserFile /etc/apache2/passwords Require valid-user </Location> <Location /examples> AuthType Basic AuthName "Grouper" AuthUserFile /etc/apache2/passwords Require valid-user </Location>
The /examples/ location is only used for testing and will be removed later. You may later integrate the Grouper UI with your SSO infrastructure, for example SAML/Shibboleth, but it is easier to first test using basic auth.
Reload the Apache configuration, eg. :
Code Block service apache2 reload