Thank you for your suggestions. I don't see any difference in the results. I
think I have logging turned up all the way but nothing in the way of errors
from Tomcat. I'm looking at HTTPD now.
Darryl Baker, GSEC (he/him/his)
Sr. System Administrator
Distributed Application Platform Services
Northwestern University
1800 Sherman Ave.
Suite 6-600 – Box #39
Evanston, IL 60201-3715
darryl.ba...@northwestern.edu
(847) 467-6674
On 4/30/20, 8:43 AM, "Beard, Shawn M." <sbe...@wrberkley.com.INVALID> wrote:
My workers is identical to yours and it works.
Here is our connector config that is working.
Might want to try removing address="127.0.0.1" and/or
tomcatAuthentication="false"
The fix for the Ghostcat vulnerability created some config challenges on
the ajp protocol. I'm pretty sure it’s the tomcatAuthentication you need to
remove.
<Connector port="8009" protocol="AJP/1.3"
secretRequired="false"
connectionTimeout="20000"
server=" "
maxHttpHeaderSize="8192"
maxThreads="500"
minSpareThreads="30"
enableLookups="false"
acceptCount="150"
redirectPort="9443" />
Shawn Beard
Sr. Systems Engineer
BTS
+1-515-564-2528
-----Original Message-----
From: Darryl Philip Baker <darryl.ba...@northwestern.edu>
Sent: Thursday, April 30, 2020 7:00 AM
To: Tomcat Users List <users@tomcat.apache.org>
Subject: Upgrading from 9.0.20 to 9.0.34 AJP connector issue [EXTERNAL]
** CAUTION: External message
I am trying to upgrade a development environment from 9.0.20 to 9.0.34 and
I am having issues getting the tomcat-connectors-1.2.46 (mod_jk) to work in
with the new version. The Apache HTTPD configuration remains unchanged the
paths pass through a symbolic link I change to switch versions. The
workers.properties file was copied over and is identical. I added the same
definition for the AJP connector into server.xml. I will place the pieces I
modified below.
Server.xml:
<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009"
protocol="AJP/1.3"
redirectPort="443"
address="127.0.0.1"
enableLookups="false"
tomcatAuthentication="false"
secretRequired="false"
maxPostSize="100000" />
Workers.properties:
#define 1st worker using worker1
worker.list=worker1
#set properties for the worker1 worker
worker.worker1.type=ajp13
worker.worker1.host=127.0.0.1
worker.worker1.port=8009
worker.worker1.lbfactor=50
worker.worker1.cachesize=10
worker.worker1.cache_timeout=600
worker.worker1.socket_keepalive=1
worker.worker1.recycle_timeout=300
Darryl Baker, GSEC (he/him/his)
Sr. System Administrator
Distributed Application Platform Services Northwestern University
1800 Sherman Ave.
Suite 6-600 – Box #39
Evanston, IL 60201-3715
darryl.ba...@northwestern.edu<mailto:darryl.ba...@northwestern.edu>
(847) 467-6674
CONFIDENTIALITY NOTICE: This e-mail and the transmitted documents contain
private, privileged and confidential information belonging to the sender. The
information therein is solely for the use of the addressee. If your receipt of
this transmission has occurred as the result of an error, please immediately
notify us so we can arrange for the return of the documents. In such
circumstances, you are advised that you may not disclose, copy, distribute or
take any other action in reliance on the information transmitted.
