Hi,
We have a problem with 1.2.24 that luckily is not security leak,
but it is security related.
The problem is that 401 from Tomcat without body
(a standard HTTP_UNAUTHORIZED) is treated as 401, meaning
that Apache is returning 401 page instead passing 401
to the client.
I already patched the
Hi,
OK with me. I've one outstanding patch related to fail on status. I
think Ben short is testing today. I wrote mails about it to the user
list and the patch is not committed yet. It's
http://people.apache.org/~rjung/mod_jk-dev/patches/fail-on-status.patch
(in short: fail on status has to