tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject svn commit: r752691 - /tomcat/connectors/trunk/jk/xdocs/generic_howto/proxy.xml
Date Wed, 11 Mar 2009 23:28:42 GMT
Author: rjung
Date: Wed Mar 11 23:28:42 2009
New Revision: 752691

Add a few tweaks to the new proxy docs page.


Modified: tomcat/connectors/trunk/jk/xdocs/generic_howto/proxy.xml
--- tomcat/connectors/trunk/jk/xdocs/generic_howto/proxy.xml (original)
+++ tomcat/connectors/trunk/jk/xdocs/generic_howto/proxy.xml Wed Mar 11 23:28:42 2009
@@ -92,9 +92,13 @@
 <li>SSL cipher: <code>getAttribute(javax.servlet.request.cipher_suite)</code>
-<li>SSL key size: <code>getAttribute(javax.servlet.request.key_size)</code>
+<li>SSL key size: <code>getAttribute(javax.servlet.request.key_size)</code>.
+Can be disabled using <code>JkOptions -ForwardKeySize</code>.
-<li>SSL client certificate: <code>getAttribute(javax.servlet.request.X509Certificate)</code>
+<li>SSL client certificate: <code>getAttribute(javax.servlet.request.X509Certificate)</code>.
+If you want the whole certificate chain, then you need to also set <code>JkOptions
+It is likely, that in this case you also need to adjust the maximal AJP packet size
+using the worker attribute <a href="../reference/workers.html">max_packet_size</a>.
 <li>SSL session ID: <code>getAttribute(javax.servlet.request.ssl_session)</code>.
 This is for Tomcat, it has not yet been standardized.
@@ -169,6 +173,11 @@
 <p>All variables, that are not SSL-related have only been introduced in version 1.2.27.
+<p>Finally there is a shortcut to forward the local IP of the web server as the remote
+This can be useful, e.g. when using the Tomcat remote address valve for allowing connections
+only from registered Apache web servers. This feature is activated by setting
+<code>JkOptions ForwardLocalAddress</code>.
 <section name="Tomcat AJP Connector Settings">

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message