tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Soto <asot...@gmail.com>
Subject Re: Apache HTTPD (with SSL) + mod_jk + TomEE (Tomcat) nullify the ssl session id
Date Tue, 07 Jul 2015 15:08:17 GMT
Thank you so much but it is already set.
https://github.com/lordofthejars/apache-tomee-ssl/blob/master/httpd.conf#L171
This is so strange.

El dt., 7 jul. 2015 a les 12:25, André Warnier (<aw@ice-sa.com>) va
escriure:

> Mark Thomas wrote:
> > On 07/07/2015 09:28, Alex Soto wrote:
> >> Hi Mark, SSL Session ID is not passed to Tomcat. You can see the logs
> here
> >> https://gist.github.com/lordofthejars/226d8ed605f2a58b52f3 (I have
> created
> >> a gist to not add here a lot of lines).
> >>
> >> Now the question is is it happens because of mod_jk or because of
> Apache?
> >> Alex.
> >
> > OK. You've reached the limits of my conform zone. You need someone more
> > familiar with the httpd side of things at this point. Rainer?
> >
> > Mark
>
> Not Rainer, but maybe this helps :
> http://tomcat.apache.org/connectors-doc/reference/apache.html
> Look for "JkExtractSSL".
>
>
> >
> >> El dl., 6 jul. 2015 a les 12:48, Mark Thomas (<markt@apache.org>) va
> >> escriure:
> >>
> >>> On 06/07/2015 10:48, Alex Soto wrote:
> >>>> Hello I have seen a strange behaviour in Apache HTTPD (2.4)  and TomEE
> >>> (in
> >>>> fact it is a Tomcat (7.0.61) so it is exactly the same for Tomcat)
> when I
> >>>> configure Apache server with SSL and mod_jk.
> >>>> In fact I am not sure where it is the problem if in mod_jk, in Apache
> >>>> Server or in Tomcat, but I suspect that maybe the problem is on mod_jk
> >>>> configuration.
> >>>>
> >>>> I am configuring the typical Apache as frontend and TomEE(Tomcat) as
> >>>> backend solution. Currently Apache is configured with SSL and with
> mod_jk
> >>>> it connects to TomEE using AJP. This works perfectly. The problem is
> that
> >>>> inside my code I need to get the ssl session id:
> >>>>
> >>>> String ssl =
> >>>>
> >>>
> (String)servletRequest.getAttribute("javax.servlet.request.ssl_session_id");
> >>>> I don't know why but sometimes this attribute is null and sometimes
> not.
> >>> It
> >>>> may return a null at first then stay like 10 requests working and then
> >>> stop
> >>>> working again during some requests and the get attribute returns null.
> >>>>
> >>>> It seems that everything is configured correctly since sometimes
> works.
> >>>> Have you ever found something similar or knows what it can be
> happening?
> >>> Do
> >>>> you think that maybe the problem is on client (browser) side?
> >>>>
> >>>> Everything is dockerized here:
> >>>> https://github.com/lordofthejars/apache-tomee-ssl so you can review
> >>>> configuration files of tomcat and apache or even run it.
> >>>>
> >>>> Thank you so much for your support.
> >>> Try turning on debug logging for mod_jk. It will generate lots of data
> >>> so just do it long enough to see the problem. When you look at the logs
> >>> you should be able to see if the SSL Session ID is being passed to
> >>> Tomcat or not.
> >>>
> >>> Mark
> >>>
> >>>
> >>> ---------------------------------------------------------------------
> >>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >>> For additional commands, e-mail: users-help@tomcat.apache.org
> >>>
> >>>
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message