Hello,
I was assigned with the task of preparing a security policy for Apache HTTP
servers in my company and, despite I have a few years of experience with it
(mostly v2.2), I'd like to have a more formal reference material on which I
could base the policy.
Please, is there any good (and not
Not sure if I understood, however:
1) No, because you are using nofailover=On
2) It will be lost. You have to implement clustering (session
replication) among Tomcats to keep the session active if one TC server
goes down (AND remove the nofailover from Apache).
-Original Message-
From:
Hello,
First of all, let me give you some context. The Apache 2.2's webpage
which describes mod_headers' RequestHeader directive says
(specifically for the edit action):
RequestHeader edit header value replacement
[early|env=[!]variable]
If this request header exists, its value
Done: Bug 55039
Thanks Eric. That's the kind of guidance I was looking for.
Just in case someone else is having the same issue, this is how I worked
around it:
RequestHeader edit Cookie (^JSESSIONID=[^;]*\![^;]*; |;
JSESSIONID=[^;]*\![^;]*)
However it's based on the fact that the