AJP Authentication expects that requests are pre-authenticated via an external server before arriving at FishEye.
Typically, this would be a web server (e.g. apache) configured to perform password and role checking for a given URL. If successful the server forwards the request to the FishEye server via the AJPv13 protocol.
For FishEye to use AJP authentication the following two values must be configured:
- The AJP Bind Address must be set per FishEye instance. See also Server Settings
- The users Auth Type must be set to 'ajp'.
Here is one example of how to configure Apache Httpd so that all requests to Apache Httpd for the path /fisheye are forwarded to a FishEye instance on the same machine with an AJP Bind Address of localhost:8009.
Add these lines to your apache configuration:
LoadModule jk_module modules/mod_jk.so JkWorkersFile /path/to/workers.properties JkLogFile /var/log/mod_jk.log JkLogLevel debug JkLogStampFormat "[%a %b %d %H:%M:%S %Y] " JkMount /fisheye/* worker1
Then create a file under /path/to/workers.properties and add:
worker.list=worker1 worker.worker1.type=ajp13 worker.worker1.host=localhost worker.worker1.port=8009