httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 53098] mod_proxy_ajp: patch to set worker secret passed to tomcat
Date Thu, 07 Apr 2016 11:44:58 GMT
https://bz.apache.org/bugzilla/show_bug.cgi?id=53098

--- Comment #3 from David Naramski <david.naramski@nowina.lu> ---
Voting to this because it's a way of securing connection between Apache Reverse
proxy and target application server. 

It would be even better to have a "signature request mechanism" for some
header. Like if the REMOTE_USER header is added by the reverse proxy, the
header is signed in a REMOTE_USER_SIGNATURE field, using a private key stored
on the reverse proxy.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message