On 06/03/2020 06:46, Thomas Glanzmann wrote:
<snip/>
> the issue seems to be that mod_jk no longer works without a password
> with tomcat7. So you need to set a password on both sites, and than
> everything works again.
This is not the case. Tomcat can be configured so a secret is not required.
> server.xml:
>
> <Connector port="8109" protocol="AJP/1.3" redirectPort="8443"
> secret="verysecure" secretRequired="true"/>
>
> workers.properties of mod_jk
>
> worker.tomcat-06.secret=verysecure
That won't work when httpd/mod_jk is on a separate host to Tomcat (as
per the subject of this thread).
> If I do _not_ set a password I'm getting a 403 no matter what I do.
That is a configuration issue. The equivalent Tomcat configuration to
that quoted above that will not require a password is:
<Connector port="8109" protocol="AJP/1.3" redirectPort="8443"
secretRequired="false"/>
Note: With 7.0.100 if you specify a secret, even an empty string, the
client must provide a matching secret irrespective of the setting of
secretRequired.
secretRequired determines if the secret attribute must be set in the
configuration, not whether the client has to provide a secret.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
