tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Soto <asot...@gmail.com>
Subject Apache HTTPD (with SSL) + mod_jk + TomEE (Tomcat) nullify the ssl session id
Date Mon, 06 Jul 2015 09:48:37 GMT
Hello I have seen a strange behaviour in Apache HTTPD (2.4)  and TomEE (in
fact it is a Tomcat (7.0.61) so it is exactly the same for Tomcat) when I
configure Apache server with SSL and mod_jk.
In fact I am not sure where it is the problem if in mod_jk, in Apache
Server or in Tomcat, but I suspect that maybe the problem is on mod_jk
configuration.

I am configuring the typical Apache as frontend and TomEE(Tomcat) as
backend solution. Currently Apache is configured with SSL and with mod_jk
it connects to TomEE using AJP. This works perfectly. The problem is that
inside my code I need to get the ssl session id:

String ssl =
(String)servletRequest.getAttribute("javax.servlet.request.ssl_session_id");

I don't know why but sometimes this attribute is null and sometimes not. It
may return a null at first then stay like 10 requests working and then stop
working again during some requests and the get attribute returns null.

It seems that everything is configured correctly since sometimes works.
Have you ever found something similar or knows what it can be happening? Do
you think that maybe the problem is on client (browser) side?

Everything is dockerized here:
https://github.com/lordofthejars/apache-tomee-ssl so you can review
configuration files of tomcat and apache or even run it.

Thank you so much for your support.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message