# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements.  See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership.  The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License.  You may obtain a copy of the License at
#    
#     http://www.apache.org/licenses/LICENSE-2.0
#    
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied.  See the License for the
# specific language governing permissions and limitations
# under the License.

Apache Geronimo Samples
----------------------------------------------------------------------

This sample demonstrates Geronimo HTTP header-based authentication

This README uses the following aliases to describe directories.  These aliases should be replaced with your actual directory paths.
   %SAMPLE_HOME% refers to the root directory where Geronimo samples are extracted.
   %GERONIMO_HOME% refers to the root directory where the Geronimo server is installed.
   

BUILD
-----
1. cd %SAMPLE_HOME%/samples/generic-auth
2. maven clean install


INSTALL
-------
1. Start the Geronimo server if it is not already running.
2. %GERONIMO_HOME%/bin/deploy.[bat|sh] deploy %SAMPLE_HOME%/samples/generic-auth/generic-auth-war/target/generic-auth-war-<version>.war
   

RUN
---
1. Configure Apache HTTP web server with Geronimo server. 

Add these lines to <HTTPD_HOME>/conf/httpd.conf:

LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
<IfModule mod_proxy.c>
ProxyPass /generic-auth http://localhost:8080/generic-auth
ProxyPassReverse / http://localhost:8080/
</IfModule>

2. Mimic SiteMinder behavior via mod_headers module.

Add these lines to <HTTPD_HOME>/conf/httpd.conf:

LoadModule headers_module modules/mod_headers.so
<IfModule mod_headers.c>
<Location /generic-auth>
RequestHeader  add  SM_USER	<username>
</Location>
</IfModule>

The <username> could be replaced with these users respectively: izumi, tom, alan, nobody


3. Change the username field as above, restart Apache HTTP server, then visit this link
        http://localhost/generic-auth/protect/hello.html

You should see these expected results:        
izumi -- should see the hello world page with HTTP 200 status
tom -- should see the hello world page with HTTP 200 status
alan -- should not see the hello world page with HTTP 403 status
nobody -- should not see the hello world page with HTTP 401 status