tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: Apache HTTPD (with SSL) + mod_jk + TomEE (Tomcat) nullify the ssl session id
Date Tue, 07 Jul 2015 10:24:44 GMT
Mark Thomas wrote:
> On 07/07/2015 09:28, Alex Soto wrote:
>> Hi Mark, SSL Session ID is not passed to Tomcat. You can see the logs here
>> https://gist.github.com/lordofthejars/226d8ed605f2a58b52f3 (I have created
>> a gist to not add here a lot of lines).
>>
>> Now the question is is it happens because of mod_jk or because of Apache?
>> Alex.
> 
> OK. You've reached the limits of my conform zone. You need someone more
> familiar with the httpd side of things at this point. Rainer?
> 
> Mark

Not Rainer, but maybe this helps :
http://tomcat.apache.org/connectors-doc/reference/apache.html
Look for "JkExtractSSL".


> 
>> El dl., 6 jul. 2015 a les 12:48, Mark Thomas (<markt@apache.org>) va
>> escriure:
>>
>>> On 06/07/2015 10:48, Alex Soto wrote:
>>>> Hello I have seen a strange behaviour in Apache HTTPD (2.4)  and TomEE
>>> (in
>>>> fact it is a Tomcat (7.0.61) so it is exactly the same for Tomcat) when I
>>>> configure Apache server with SSL and mod_jk.
>>>> In fact I am not sure where it is the problem if in mod_jk, in Apache
>>>> Server or in Tomcat, but I suspect that maybe the problem is on mod_jk
>>>> configuration.
>>>>
>>>> I am configuring the typical Apache as frontend and TomEE(Tomcat) as
>>>> backend solution. Currently Apache is configured with SSL and with mod_jk
>>>> it connects to TomEE using AJP. This works perfectly. The problem is that
>>>> inside my code I need to get the ssl session id:
>>>>
>>>> String ssl =
>>>>
>>> (String)servletRequest.getAttribute("javax.servlet.request.ssl_session_id");
>>>> I don't know why but sometimes this attribute is null and sometimes not.
>>> It
>>>> may return a null at first then stay like 10 requests working and then
>>> stop
>>>> working again during some requests and the get attribute returns null.
>>>>
>>>> It seems that everything is configured correctly since sometimes works.
>>>> Have you ever found something similar or knows what it can be happening?
>>> Do
>>>> you think that maybe the problem is on client (browser) side?
>>>>
>>>> Everything is dockerized here:
>>>> https://github.com/lordofthejars/apache-tomee-ssl so you can review
>>>> configuration files of tomcat and apache or even run it.
>>>>
>>>> Thank you so much for your support.
>>> Try turning on debug logging for mod_jk. It will generate lots of data
>>> so just do it long enough to see the problem. When you look at the logs
>>> you should be able to see if the SSL Session ID is being passed to
>>> Tomcat or not.
>>>
>>> Mark
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>>
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message