This is an automated email from the ASF dual-hosted git repository.

markt-asf pushed a commit to branch 11.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/11.0.x by this push:
     new 361443e966 Make the ordering requirement for EncryptInterceptor clearer
361443e966 is described below

commit 361443e966a18a55b5cbefb3e138b88df3dc34f7
Author: Mark Thomas <[email protected]>
AuthorDate: Thu Jul 2 14:14:40 2026 +0100

    Make the ordering requirement for EncryptInterceptor clearer
---
 webapps/docs/cluster-howto.xml              |  3 +-
 webapps/docs/config/cluster-interceptor.xml | 44 +++++++++++++++++++++++------
 webapps/docs/config/cluster.xml             |  3 +-
 3 files changed, 39 insertions(+), 11 deletions(-)

diff --git a/webapps/docs/cluster-howto.xml b/webapps/docs/cluster-howto.xml
index 441dbf6cc0..3d711d3a15 100644
--- a/webapps/docs/cluster-howto.xml
+++ b/webapps/docs/cluster-howto.xml
@@ -127,7 +127,8 @@ Tomcat cluster. These include:</p>
   <li>IPSEC</li>
 </ul>
 
-<p>The <a 
href="cluster-interceptor.html#org.apache.catalina.tribes.group.interceptors.EncryptInterceptor_Attributes">EncryptInterceptor</a>
+<p>When correctly configured, the <a
+href="cluster-interceptor.html#org.apache.catalina.tribes.group.interceptors.EncryptInterceptor_Attributes">EncryptInterceptor</a>
 provides confidentiality and integrity protection but it does not protect
 against all risks associated with running a Tomcat cluster on an untrusted
 network, particularly DoS attacks.</p>
diff --git a/webapps/docs/config/cluster-interceptor.xml 
b/webapps/docs/config/cluster-interceptor.xml
index e1e3e4558b..16695586c0 100644
--- a/webapps/docs/config/cluster-interceptor.xml
+++ b/webapps/docs/config/cluster-interceptor.xml
@@ -34,26 +34,49 @@
 
 <section name="Introduction">
   <p>
-  Apache Tribes supports an interceptor architecture to intercept both 
messages and membership notifications.
-  This architecture allows decoupling of logic and opens the way for some very 
useful feature add-ons.
+    Apache Tribes supports an interceptor architecture to intercept both 
messages and membership notifications.
+    This architecture allows decoupling of logic and opens the way for some 
very useful feature add-ons.
+  </p>
+</section>
+
+<section name="Ordering">
+  <p>
+    The order of interceptors is important. The order in which the 
interceptors are defined in server.xml is the order
+    in which the interceptors appear in the channel stack. Think of it as a 
linked list, with the head being the first
+    most interceptor and the tail the last.
+  </p>
+  <p>
+    When sending a message, the message will pass through the interceptors in 
order (i.e. the order they are defined in
+    server.xml). When receiving a message, the messages will pass through the 
interceptors in reverse order.
   </p>
 </section>
 
 <section name="Available Interceptors">
+  <p>
+    Tribes has been designed as a general clustering solutiuon. Not all 
interceptors are expected to be of use
+    in Tomcat cluster configurations. The interceptors expected to be of use 
in Tomcat clusters are described in
+    more detail in the following sections. They are:
+   </p>
    <ul>
+    
<li><code>org.apache.catalina.tribes.group.interceptors.DomainFilterInterceptor</code></li>
+    
<li><code>org.apache.catalina.tribes.group.interceptors.EncryptInterceptor</code></li>
+    
<li><code>org.apache.catalina.tribes.group.interceptors.FragmentationInterceptor</code></li>
+    
<li><code>org.apache.catalina.tribes.group.interceptors.MessageDispatchInterceptor</code></li>
+    
<li><code>org.apache.catalina.tribes.group.interceptors.StaticMembershipInterceptor</code></li>
     
<li><code>org.apache.catalina.tribes.group.interceptors.TcpFailureDetector</code></li>
+    
<li><code>org.apache.catalina.tribes.group.interceptors.TcpPingInterceptor</code></li>
     
<li><code>org.apache.catalina.tribes.group.interceptors.ThroughputInterceptor</code></li>
-    
<li><code>org.apache.catalina.tribes.group.interceptors.MessageDispatchInterceptor</code></li>
+   </ul>
+   <p>
+    The interceptors not expected to be of use in Tomcat clusters are 
described in the Javadoc for each interceptor.
+    They are:
+   </p>
+   <ul>
     
<li><code>org.apache.catalina.tribes.group.interceptors.NonBlockingCoordinator</code></li>
     
<li><code>org.apache.catalina.tribes.group.interceptors.OrderInterceptor</code></li>
     
<li><code>org.apache.catalina.tribes.group.interceptors.SimpleCoordinator</code></li>
-    
<li><code>org.apache.catalina.tribes.group.interceptors.StaticMembershipInterceptor</code></li>
     
<li><code>org.apache.catalina.tribes.group.interceptors.TwoPhaseCommitInterceptor</code></li>
-    
<li><code>org.apache.catalina.tribes.group.interceptors.DomainFilterInterceptor</code></li>
-    
<li><code>org.apache.catalina.tribes.group.interceptors.FragmentationInterceptor</code></li>
     
<li><code>org.apache.catalina.tribes.group.interceptors.GzipInterceptor</code></li>
-    
<li><code>org.apache.catalina.tribes.group.interceptors.TcpPingInterceptor</code></li>
-    
<li><code>org.apache.catalina.tribes.group.interceptors.EncryptInterceptor</code></li>
    </ul>
 </section>
 
@@ -199,7 +222,10 @@
   <subsection 
name="org.apache.catalina.tribes.group.interceptors.EncryptInterceptor 
Attributes">
    <p>
      The EncryptInterceptor adds encryption to the channel messages carrying
-     session data between nodes.
+     session data between nodes. For the EncryptInterceptor to be effective it
+     <strong>MUST</strong> be the final interceptor (ignoring the
+     TcpFailureDetector - see below) in the set of interceptors for any given
+     channel.
    </p>
    <p>
      If using the <code>TcpFailureDetector</code>, the 
<code>EncryptInterceptor</code>
diff --git a/webapps/docs/config/cluster.xml b/webapps/docs/config/cluster.xml
index 29337d792f..bfaae11edf 100644
--- a/webapps/docs/config/cluster.xml
+++ b/webapps/docs/config/cluster.xml
@@ -56,7 +56,8 @@ Tomcat cluster. These include:</p>
   <li>IPSEC</li>
 </ul>
 
-<p>The <a 
href="cluster-interceptor.html#org.apache.catalina.tribes.group.interceptors.EncryptInterceptor_Attributes">EncryptInterceptor</a>
+<p>When correctly configured, the <a
+href="cluster-interceptor.html#org.apache.catalina.tribes.group.interceptors.EncryptInterceptor_Attributes">EncryptInterceptor</a>
 provides confidentiality and integrity protection but it does not protect
 against all risks associated with running a Tomcat cluster on an untrusted
 network, particularly DoS attacks.</p>


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to