Can you try with mod_jk 1.2.5? I really don't know mod_jk2 that well to know if/how it sends the SSL attributes.
"Federico Fernandez Cruz" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Sure! This is getting personal... ;-) Apache and Tomcat will not be my > friends anymore! :-D > > Well, I'll try to be a little exhaustive just because sometimes I miss > something that is the real point of the question. > > Let's go. > > My target is an Apache + Tomcat integration using JK2. > > Software! > Redhat 9.0 > Apache 2.0.47 with modssl. > Tomcat 5.0.16. > JK2 2.0.2 > > > This is what I have done: > > 1. Install apache properly. Configuration is in /etc/httpd > 2. Install tomcat properly. /opt/jakarta-tomcat-5.0.16 > 3. Compile JK2 2.0.2 from jakarta-connectors because there is a bug > in the sources of tomcat that avoid recursivity in mappings like > /your_webapp/* > 4. Configuration. > > > In httpd.conf I have added these lines: > #****************************** > LoadModule jk2_module modules/mod_jk2.so > #****************************** > > My workers2.properties looks like this (/etc/httpd/workers2.properties) > > [logger] > level=DEBUG > > [config:] > file=/etc/httpd/conf/workers2.properties > debug=1 > debugEnv=1 > > [uriMap:] > info=Maps the requests. Options: debug > debug=1 > > # Alternate file logger > [logger.file:0] > level=DEBUG > file=/var/log/httpd/jk2.log > > [shm:] > info=Scoreboard. Required for reconfiguration and status with > multiprocess servers > file=/var/run/jk2.shm > size=1000000 > debug=0 > disabled=0 > > [workerEnv:] > info=Global server options > timing=1 > debug=1 > # Default Native Logger (apache2 or win32 ) > # can be overriden to a file logger, useful > # when tracing win32 related issues > logger=logger.file:0 > > [channel.socket:127.0.0.1:8009] > info=Ajp13 forwarding over socket > debug=1 > tomcatId=127.0.0.1:8009 > > [ajp13:127.0.0.1:8009] > channel=channel.socket:127.0.0.1:8009 > > [status:status] > info=Status worker, displays runtime informations > > [vm:] > info=Parameters used to load a JVM in the server process > #JVM=C:\jdk\jre\bin\hotspot\jvm.dll > OPT=-Djava.class.path=${TOMCAT_HOME}/lib/tomcat-jni.jar;${TOMCAT_HOME}/serve r/lib/commons-logging.jar > OPT=-Dtomcat.home=${TOMCAT_HOME} > OPT=-Dcatalina.home=${TOMCAT_HOME} > OPT=-Xmx128M > #OPT=-Djava.compiler=NONE > disabled=1 > > [uri:/jkstatus/*] > info=Display status information and checks the config file for changes. > group=status: > worker=status:status > > #*************************************************************************** ********** > > In tomcat, my jk2.properties looks like this > > #*************************************************************************** ******************* > > handler.list=request,container,channelSocket > > channelSocket.port=8009 > channelSocket.address=127.0.0.1 > channelSocket.maxPort=port+10 > > > #*************************************************************************** ******************* > > > And in server.xml the jk connector is configured as this: > #*************************************************************************** ******************* > <Connector port="8009" protocol="AJP/1.3" > protocolHandlerClassName="org.apache.jk.server.JkCoyoteHandler" > redirectPort="8443"> > </Connector> > #*************************************************************************** ******************* > > In my ssl.conf the configuration is: (UserMan is my web application) > #*************************************************************************** ******************* > <IfModule mod_jk2.c> > <Location /UserMan> > JkUriSet worker ajp13:127.0.0.1:8009 > </Location> > > <Location /admin> > JkUriSet worker ajp13:127.0.0.1:8009 > </Location> > > <Location /manager/html> > JkUriSet worker ajp13:127.0.0.1:8009 > </Location> > </IfModule> > #*************************************************************************** ******************* > > I am using client authentication and everything goes fine. SSL > connection is OK and the server ask the web browser for a client > certificate. And my application is displayed properly! I am happy up to > this moment but... > > What about asking for SSL parameters from my webapp? > > I am doing something like this inside a JSP file: > > String cipher = (String)request.getAttribute("javax.servlet.request.cipher_suite"); > > Integer keysize = (Integer)request.getAttribute("javax.servlet.request.key_size"); > > X509Certificate [] certs = (X509Certificate [])request.getAttribute("javax.servlet.request.X509Certificate"); > > String sessionId = (String)request.getAttribute("javax.servlet.request.ssl_session"); > > X509Certificate [] certs = (X509Certificate [])request.getAttribute("org.apache.coyote.request.X509Certificate"); > > > I ALLWAYS GET NULL! > > What more can I do? Is there anybody that had succeded doing this? What about developers? > > Thanks in advance! And sorry for this long post, but... > > Thanks again! --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
