at.silk wrote:
Hi,
We are concerned about the issues we found some weeks ago, do you have any
suggestions about it?
Maybe : your configuration does not seem to make sense.
(or it works differently from what you think, or we do not understand what you
are telling us)
From the history of this thread, it seems so far that you are reporting an issue that
should not be possible given the other information that you have provided.
So you have got everyone confused.
Maybe some facts first :
1) The AJP protocol does NOT support SSL/HTTPS.
AJP is its own protocol, different from HTTP/HTTPS. It is used exclusively between a
front-end HTTP/HTTPS webserver, and a back-end Tomcat server.
It "transports" or "forwards" HTTP/HTTPS requests (including HTTP/HTTPS headers and
SSL-specific information) between the front-end webserver and the back-end Tomcat, but the
format in which it transports this information is not the same as HTTP/HTTPS.
And it is always unencrypted.
2) Implementing AJP requires 2 things :
a) on the back-end Tomcat server :
- a functional AJP Connector
b) on the front-end webserver (e.g. Apache httpd) :
- a "proxy" add-on module which is capable to "talk to" the AJP Connector of a
back-end Tomcat
For Apache httpd, there exist 2 such add-on modules :
- mod_jk
- mod_proxy_ajp
3) the AJP protocol is unknown to browsers, and a browser cannot connect directly to a
Tomcat AJP Connector.
4) a browser can connect directly to a Tomcat HTTP or HTTPS Connector.
In other words, in your case, the connection between browsers and a Tomcat webapp could be
(using "Apache" as an abbreviation for a front-end Apache httpd webserver) :
browser <--HTTP--> Apache + mod_proxy_ajp <--AJP--> Tomcat + AJP Connector <->
webapp
OR
browser <--HTTP--> Apache + mod_jk <--AJP--> Tomcat + AJP Connector <-> webapp
OR
browser <--HTTPS--> Apache + mod_proxy_ajp <--AJP--> Tomcat + AJP Connector <->
webapp
OR
browser <--HTTPS--> Apache + mod_jk <--AJP--> Tomcat + AJP Connector <-> webapp
OR
browser <--HTTP--> Tomcat + HTTP Connector <-> webapp
OR
browser <--HTTPS--> Tomcat + HTTPS Connector <-> webapp
but, with the information that you have provided so far, it is not clear to the people on
this list which of the above schemas you are using, or if you are even using one of the
above.
So I believe that you should make that clear first, and after that maybe someone can help
you answer your questions.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
