I thought that mod_jk2 was the most advanced and that it was recommended for Apache 2.
Moving to mod_jk 1.2.5 is a step back, isn't it?
Thanks again!
Bill Barker wrote:
Can you try with mod_jk 1.2.5? I really don't know mod_jk2 that well to know if/how it sends the SSL attributes.
"Federico Fernandez Cruz" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
OPT=-Djava.class.path=${TOMCAT_HOME}/lib/tomcat-jni.jar;${TOMCAT_HOME}/serveSure! This is getting personal... ;-) Apache and Tomcat will not be my friends anymore! :-D
Well, I'll try to be a little exhaustive just because sometimes I miss something that is the real point of the question.
Let's go.
My target is an Apache + Tomcat integration using JK2.
Software! Redhat 9.0 Apache 2.0.47 with modssl. Tomcat 5.0.16. JK2 2.0.2
This is what I have done:
1. Install apache properly. Configuration is in /etc/httpd 2. Install tomcat properly. /opt/jakarta-tomcat-5.0.16 3. Compile JK2 2.0.2 from jakarta-connectors because there is a bug in the sources of tomcat that avoid recursivity in mappings like /your_webapp/* 4. Configuration.
In httpd.conf I have added these lines: #****************************** LoadModule jk2_module modules/mod_jk2.so #******************************
My workers2.properties looks like this (/etc/httpd/workers2.properties)
[logger] level=DEBUG
[config:] file=/etc/httpd/conf/workers2.properties debug=1 debugEnv=1
[uriMap:] info=Maps the requests. Options: debug debug=1
# Alternate file logger [logger.file:0] level=DEBUG file=/var/log/httpd/jk2.log
[shm:] info=Scoreboard. Required for reconfiguration and status with multiprocess servers file=/var/run/jk2.shm size=1000000 debug=0 disabled=0
[workerEnv:] info=Global server options timing=1 debug=1 # Default Native Logger (apache2 or win32 ) # can be overriden to a file logger, useful # when tracing win32 related issues logger=logger.file:0
[channel.socket:127.0.0.1:8009] info=Ajp13 forwarding over socket debug=1 tomcatId=127.0.0.1:8009
[ajp13:127.0.0.1:8009] channel=channel.socket:127.0.0.1:8009
[status:status] info=Status worker, displays runtime informations
[vm:] info=Parameters used to load a JVM in the server process #JVM=C:\jdk\jre\bin\hotspot\jvm.dll
r/lib/commons-logging.jar
#***************************************************************************OPT=-Dtomcat.home=${TOMCAT_HOME} OPT=-Dcatalina.home=${TOMCAT_HOME} OPT=-Xmx128M #OPT=-Djava.compiler=NONE disabled=1
[uri:/jkstatus/*] info=Display status information and checks the config file for changes. group=status: worker=status:status
**********
In tomcat, my jk2.properties looks like this#***************************************************************************
*******************
handler.list=request,container,channelSocket#***************************************************************************
channelSocket.port=8009 channelSocket.address=127.0.0.1 channelSocket.maxPort=port+10
*******************
And in server.xml the jk connector is configured as this:#***************************************************************************
*******************
#***************************************************************************<Connector port="8009" protocol="AJP/1.3" protocolHandlerClassName="org.apache.jk.server.JkCoyoteHandler" redirectPort="8443"> </Connector>
*******************
In my ssl.conf the configuration is: (UserMan is my web application)#***************************************************************************
*******************
#***************************************************************************<IfModule mod_jk2.c> <Location /UserMan> JkUriSet worker ajp13:127.0.0.1:8009 </Location>
<Location /admin> JkUriSet worker ajp13:127.0.0.1:8009 </Location>
<Location /manager/html> JkUriSet worker ajp13:127.0.0.1:8009 </Location> </IfModule>
*******************
(String)request.getAttribute("javax.servlet.request.cipher_suite");I am using client authentication and everything goes fine. SSL connection is OK and the server ask the web browser for a client certificate. And my application is displayed properly! I am happy up to this moment but...
What about asking for SSL parameters from my webapp?
I am doing something like this inside a JSP file:
String cipher =
Integer keysize =(Integer)request.getAttribute("javax.servlet.request.key_size");
X509Certificate [] certs = (X509Certificate[])request.getAttribute("javax.servlet.request.X509Certificate");
String sessionId =(String)request.getAttribute("javax.servlet.request.ssl_session");
X509Certificate [] certs = (X509Certificate[])request.getAttribute("org.apache.coyote.request.X509Certificate");
I ALLWAYS GET NULL!about developers?
What more can I do? Is there anybody that had succeded doing this? What
Thanks in advance! And sorry for this long post, but...
Thanks again!
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
