tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bill Davidson <>
Subject Re: SSL/HTTPS forwarding under Apache + mod_jk + tomcat
Date Tue, 10 Feb 2009 20:35:59 GMT
Bill Davidson wrote:
> André Warnier wrote:
>> By the way, the reason why I can't try it right now is that I just 
>> don't have the application to try it with.  So whatever I mentioned 
>> before (but which apprently so far seems ok) was purely by attempting 
>> to understand the documentation. Beware.
> I tried it today.  I disabled my cookie hack and set JkExtractSSL to off.
> It seems to work fine.  Obviously, I want to do a lot more testing but
> initially, it seems to look good.

There's a problem.

Unfortunately, we have a servlet in our app that calls request.isSecure()
to make sure that it's on a secure connection and because of
"JkExtractSSL off" it doesn't know whether it's on a secure connection
or not.  request.isSecure() will always return false because mod_jk
no longer tells it anything about SSL.

So I'm back to hacking the cookie.

I really want to just get rid of httpd and run Tomcat standalone.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message