Return-Path: X-Original-To: apmail-tomcat-users-archive@www.apache.org Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 5BB7C18FC4 for ; Mon, 6 Jul 2015 10:48:12 +0000 (UTC) Received: (qmail 68647 invoked by uid 500); 6 Jul 2015 10:48:09 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 68584 invoked by uid 500); 6 Jul 2015 10:48:09 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 68574 invoked by uid 99); 6 Jul 2015 10:48:09 -0000 Received: from mail-relay.apache.org (HELO mail-relay.apache.org) (140.211.11.15) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 06 Jul 2015 10:48:09 +0000 Received: from s2laptop.dev.local (host81-156-41-163.range81-156.btcentralplus.com [81.156.41.163]) by mail-relay.apache.org (ASF Mail Server at mail-relay.apache.org) with ESMTPSA id 69CBC1A0155 for ; Mon, 6 Jul 2015 10:48:08 +0000 (UTC) Message-ID: <559A5CE5.1010807@apache.org> Date: Mon, 06 Jul 2015 11:48:05 +0100 From: Mark Thomas User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: Tomcat Users List Subject: Re: Apache HTTPD (with SSL) + mod_jk + TomEE (Tomcat) nullify the ssl session id References: In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit On 06/07/2015 10:48, Alex Soto wrote: > Hello I have seen a strange behaviour in Apache HTTPD (2.4) and TomEE (in > fact it is a Tomcat (7.0.61) so it is exactly the same for Tomcat) when I > configure Apache server with SSL and mod_jk. > In fact I am not sure where it is the problem if in mod_jk, in Apache > Server or in Tomcat, but I suspect that maybe the problem is on mod_jk > configuration. > > I am configuring the typical Apache as frontend and TomEE(Tomcat) as > backend solution. Currently Apache is configured with SSL and with mod_jk > it connects to TomEE using AJP. This works perfectly. The problem is that > inside my code I need to get the ssl session id: > > String ssl = > (String)servletRequest.getAttribute("javax.servlet.request.ssl_session_id"); > > I don't know why but sometimes this attribute is null and sometimes not. It > may return a null at first then stay like 10 requests working and then stop > working again during some requests and the get attribute returns null. > > It seems that everything is configured correctly since sometimes works. > Have you ever found something similar or knows what it can be happening? Do > you think that maybe the problem is on client (browser) side? > > Everything is dockerized here: > https://github.com/lordofthejars/apache-tomee-ssl so you can review > configuration files of tomcat and apache or even run it. > > Thank you so much for your support. Try turning on debug logging for mod_jk. It will generate lots of data so just do it long enough to see the problem. When you look at the logs you should be able to see if the SSL Session ID is being passed to Tomcat or not. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org