Return-Path: Delivered-To: apmail-httpd-dev-archive@www.apache.org Received: (qmail 91689 invoked from network); 20 Jul 2004 15:51:27 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur-2.apache.org with SMTP; 20 Jul 2004 15:51:27 -0000 Received: (qmail 54265 invoked by uid 500); 20 Jul 2004 15:46:54 -0000 Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 54158 invoked by uid 500); 20 Jul 2004 15:46:53 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 54108 invoked by uid 99); 20 Jul 2004 15:46:53 -0000 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received: from [216.115.177.81] (HELO bosexfe1.digitas.com) (216.115.177.81) by apache.org (qpsmtpd/0.27.1) with ESMTP; Tue, 20 Jul 2004 08:46:50 -0700 Received: from exbosres1.digitas.com ([10.2.6.33]) by bosexfe1.digitas.com with Microsoft SMTPSVC(6.0.3790.0); Tue, 20 Jul 2004 11:50:56 -0400 Received: from BOSEXVS2.digitas.com ([10.2.6.152]) by exbosres1.digitas.com with Microsoft SMTPSVC(6.0.3790.0); Tue, 20 Jul 2004 11:50:56 -0400 X-MimeOLE: Produced By Microsoft Exchange V6.5.6944.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Subject: RE: Invitation to HTTPD commiters in tomcat-dev Date: Tue, 20 Jul 2004 11:50:55 -0400 Message-ID: <30C025BBA30D3343935890628BCCEA32AEDD64@BOSEXVS2.digitas.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Invitation to HTTPD commiters in tomcat-dev thread-index: AcRucCgWwed6ix47RvS8XPa5tXK+kAAAFyCQ From: "Manni Wood" To: X-OriginalArrivalTime: 20 Jul 2004 15:50:56.0273 (UTC) FILETIME=[582A1810:01C46E71] X-Virus-Checked: Checked X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N > > Anyway, for business sites, any servlet being able to know if the > > original connection was secure or not is a total deal-breaker on whether > > or not to use a particular technology (in this case, Apache/Tomcat) to > > host a web site. > Could you develop ? AJP already does this, so it's already been developed. I just want to ensure this functionality is preserved in the new connector you are working on. But if you are inviting me to develop this for the new connector, I'm flattered! But I don't believe I have to technical expertise to do so. I assume this sort of stuff requires knowledge of C/Unix socket programming, which I've never done much of. Sadly, I know how to develop database-backed interactive websites for businesses, but I don't know how to develop truly sophisticated browser plugins. -Manni -----Original Message----- From: Henri Gomez [mailto:hgomez@apache.org]=20 Sent: Tuesday, July 20, 2004 11:36 AM To: dev@httpd.apache.org Subject: Re: Invitation to HTTPD commiters in tomcat-dev Manni Wood wrote: > One of the things I thought AJP did that HTTP proxying to Tomcat could > not (but correct me here if I'm wrong) is let the servelt container know > whether or not the connection is HTTP vs. HTTPS. This sort of > information needs to get passed back to the servlet container to satisfy > the servlet specification. Of course HTTPS and SSL infos are forwarded from Apache to Tomcat. > Typcially, in an Apache/Tomcat configuration, Apache deals with all of > the https connections (because it's better at it), and requests for > servlet/JSP stuff are passed back to Tomcat, with information on whether > or not the connection Apache has with the browser is HTTP or HTTPS. Exact, so Tomcat avoid crypto works workload. > Anyway, for business sites, any servlet being able to know if the > original connection was secure or not is a total deal-breaker on whether > or not to use a particular technology (in this case, Apache/Tomcat) to > host a web site. Could you develop ?