tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew Brady <>
Subject [Fwd: Re: Accessing SSL information within servlet]
Date Mon, 12 Jun 2000 17:40:59 GMT
Apologies. I stupidly sent the following to the java-apache-users
list. It should have come to tomcat-users.

> I am using Apache 1.3.12, tomcat/3.1 , mod_ssl/2.6.4.
> I have following conf:
>   SSLOptions +StdEnvVars
> and a servlet that trys for:
>   HttpServletRequest.getAttribute("org.apache.jserv.SSL_CLIENT_S_DN");
> The servlet works ok , but I get back null.
> If I put a netcat listening on the tomcat port instead of tomcat,
> I can see that apache is passing SSL_CLIENT_S_DN.
> Is there some difference in the name of the attribute.
> There is a similar question (3.9 in the tomcat) FAQ-o-matic
> which has no answer.

My java is not strong, so the following may not be strictly
true, but .....

If I understand the tomcat code correctly, then passing of
arbitrary variables from apache to tomcat, using ApJservEnvVar
is not yet implemented on the tomcat servlet side.

The tomcat source file:


contains the code:

      * Marker = 5 will be used by mod_jserv to send environment 
      * as key+value (dynamically configurable).
      * can be considered as "reserved", and safely ignored by ot
      * env_vars is (above in this  code) commented out for perfo
      * so theses env vars are simply ignored. (just here for com
      * but it is where mod_jserv would place SSL_* env vars (by 
      * See the new parameter for mod_jserv (version > 1.1):
      * ApJServEnvVar localname remotename
      *                                            - jluc
        case 5: // Environment vars
           token1 = ajpin.readString(null);
           token2 = ajpin.readString("");
    //     env_vars.put(token1, token2);

which appears to be the relevent part. The code does not
extract the variables into env_vars as it is commented out.

Even if this code is activated, there is no other code to access
such variables in the request.

Could someone with more knowledge confirm this?



Andy Brady                          Email :
Web Services Group                    Tel : +44(0)118 9499252
E.C.M.W.F.                            Fax : +44(0)118 9869450
Shinfield Park, Reading, RG2 9AX      Web :

View raw message