Tomcat/JServ/Ajp12 and mod_ssl session parameters ...

[Gunther Schadow <gu...@aurora.rg.iupui.edu>]

Hi,

I am wondering about how much of the mod_ssl session parameters one can
(or should) access from Tomcat, JServ or anything behind Ajp12. I have
seen that the AJP protocol can forward CGI environment variables.  However,
it is unclear 

(1) how much of it Apache actually forwards via AJP
(2) how much the AJP server actually reads and
(3) where the AJP server makes these variables available to the 
    servlet or JSP.

I have searched through the source code and FAQ and I find all kinds of
pertinent but inconclusive information. There is:

(A) the tomcat.properties variable: wrapper.env.copyall=true

(B) the AJP transmitted environment is sometimes put into a 
    Hashtable env_vars, some of which is then rescued into 
    other variables, but most of these env_vars received
    is simply discarded.

(C) the what appears to be most recent Ajp12ConnectionHandler.java
    not even collects anything into the env_vars hashtable (is 
    simply commented out.)

So, I am wondering about the direction in which we are going and how to
do these things so that they'll work tomorrow. I mean, I can hack the 
sourcecode until I have "my" variables passed through, but this doesn't
seem to be the way everyone should (have to) do it, right?

Why do we not simply pass all Apache created environment variables 
through and make them available as Java properties? A matter of 
speed I suppose ... but could one at least put these variables 
into the session object? 

Thanks,
-Gunther