JF,
On 9/9/2011 7:02 AM, jean-frederic clere wrote:
> Yep. We need a directive to set the secret in httpd, I will discuss that
> in httpd dev list.
Thanks for the confirmation.
-chris
signature.asc
Description: OpenPGP digital signature
On 09/08/2011 11:58 PM, Konstantin Kolinko wrote:
2011/9/9 Christopher Schultz:
On 9/8/2011 11:47 AM, Mark Thomas wrote:
On 08/09/2011 16:13, Christopher Schultz wrote:
All, https://issues.apache.org/bugzilla/show_bug.cgi?id=51698
Mark's official report to the users' list indicates that setti
2011/9/9 Christopher Schultz :
> On 9/8/2011 11:47 AM, Mark Thomas wrote:
>> On 08/09/2011 16:13, Christopher Schultz wrote:
>>> All, https://issues.apache.org/bugzilla/show_bug.cgi?id=51698
>>>
>>> Mark's official report to the users' list indicates that setting a
>>> "secret" for the AJP connecti
On 08/09/2011 21:22, Christopher Schultz wrote:
> Mark,
>
> On 9/8/2011 11:47 AM, Mark Thomas wrote:
>> On 08/09/2011 16:13, Christopher Schultz wrote:
>>> Should we mention this on the Security page directly for those
>>> who didn't read the announcement on the users' list?
>>
>> No reason why n
On 08/09/2011 21:13, Christopher Schultz wrote:
> Mark,
>
> On 9/8/2011 11:47 AM, Mark Thomas wrote:
>> On 08/09/2011 16:13, Christopher Schultz wrote:
>>> All, https://issues.apache.org/bugzilla/show_bug.cgi?id=51698
>>>
>>> Mark's official report to the users' list indicates that
>>> setting a
Mark,
On 9/8/2011 11:47 AM, Mark Thomas wrote:
> On 08/09/2011 16:13, Christopher Schultz wrote:
>> Should we mention this on the Security page directly for those who
>> didn't read the announcement on the users' list?
>
> No reason why not. Go for it.
Also, security-5.html says that Tomcat 5.0
Mark,
On 9/8/2011 11:47 AM, Mark Thomas wrote:
> On 08/09/2011 16:13, Christopher Schultz wrote:
>> All, https://issues.apache.org/bugzilla/show_bug.cgi?id=51698
>>
>> Mark's official report to the users' list indicates that setting a
>> "secret" for the AJP connection does the trick. (I tried th
On 08/09/2011 16:13, Christopher Schultz wrote:
> All, https://issues.apache.org/bugzilla/show_bug.cgi?id=51698
>
> Mark's official report to the users' list indicates that setting a
> "secret" for the AJP connection does the trick. (I tried this
> myself before digging-up his message and can con
All,
https://issues.apache.org/bugzilla/show_bug.cgi?id=51698
Mark's official report to the users' list indicates that setting a
"secret" for the AJP connection does the trick. (I tried this myself
before digging-up his message and can confirm that the sample code fails
when a "secret" is set).
S