You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by David Graff <ph...@mindspring.com> on 2002/01/03 02:40:35 UTC

Patch to fix mod_webapp under Apache 1.3 in SSL mode

I ran into a confusing little problem with mod_webapp under Debian's Apache
SSL package.

Apache has used the apache_mod_ssl whieh doesn't set all of the variables
that the 'mod_ssl' package does.

This causes a problem on Warp connections where the tomcat server cannot
actually determine the correct
security of a page requested through mod_webapp.

Essentially, additional variables need to be pulled in using ap_add_cgi_vars
and ap_add_common_vars, then
delay assignment of the schem variable to the request packet until a true
determination of SSL mode (via the HTTPS variable) can be made.

I didn't have a chance to look at the 2.0 version as I don't currently have
Apache 2.0 installed.  Enjoy.

Re: Patch to fix mod_webapp under Apache 1.3 in SSL mode

Posted by David Graff <ph...@mindspring.com>.

ok have to slow down on the caffiene...

DEBIAN has used apache_mod_ssl.

Sorry for the nonsense sentence
----- Original Message -----
From: "David Graff" <ph...@mindspring.com>
To: <to...@jakarta.apache.org>
Sent: Wednesday, January 02, 2002 20:40
Subject: Patch to fix mod_webapp under Apache 1.3 in SSL mode


> I ran into a confusing little problem with mod_webapp under Debian's
Apache
> SSL package.
>
> Apache has used the apache_mod_ssl whieh doesn't set all of the variables
> that the 'mod_ssl' package does.
>
> This causes a problem on Warp connections where the tomcat server cannot
> actually determine the correct
> security of a page requested through mod_webapp.
>
> Essentially, additional variables need to be pulled in using
ap_add_cgi_vars
> and ap_add_common_vars, then
> delay assignment of the schem variable to the request packet until a true
> determination of SSL mode (via the HTTPS variable) can be made.
>
> I didn't have a chance to look at the 2.0 version as I don't currently
have
> Apache 2.0 installed.  Enjoy.
>


----------------------------------------------------------------------------
----


> --
> To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
> For additional commands, e-mail:
<ma...@jakarta.apache.org>


--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>