tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <cost...@covalent.net>
Subject Pass in jk1
Date Mon, 28 Jan 2002 18:51:22 GMT
I have a patch that allow mod_jk to send a 'secret', the same way as ajp12
works. It seems completely safe and backward compatible. The code to check
the secret on java side is also trivial and unlikely to create any
problems.

I can check this in in 2-3 days ( I'm in NYC now, not sure I'll be able
to) - or wait until after 4.0.2

It doesn't affect backward compat - mod_jk will continue to work with
3.2.x, 3.3, 4.x which do not have this on the java side - as long as the
pass is not used.

Again, it's something different from the ajp14 auth ( based on md5 and
challenge-response ) - it's more of a temporary solution using an extra
attribute in ajp13.

Let me know what you preffer.

Costin


--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message