httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 53098] mod_proxy_ajp: patch to set worker secret passed to tomcat
Date Tue, 12 Apr 2016 17:34:51 GMT
https://bz.apache.org/bugzilla/show_bug.cgi?id=53098

--- Comment #15 from Dmitry A. Bakshaev <dab1818@gmail.com> ---
this patch just adds lost functionality to mod_proxy_ajp, a lot of time working
in mod_jk+tomcat.

no new features.

a typical usage scenario:
client(browser) - https(internet) - apache httpd(ssl-termination-acceleration)
- mod_proxy_ajp - ajp - localhost(trusted area) - apache tomcat(application)

"secret" need to "bind" multiple url on apache httpd to multiple tomcat
instances or connectors one-to-one, to protect from fake ajp requests from
other application and users from same host(localhost).

"secret" works like "identification", not crypto-blablabla...

ssl,encryption&etc is separate question.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message