You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Bill Davidson <bi...@gmail.com> on 2009/02/10 21:35:59 UTC
Re: SSL/HTTPS forwarding under Apache + mod_jk + tomcat
Bill Davidson wrote:
> André Warnier wrote:
>> By the way, the reason why I can't try it right now is that I just
>> don't have the application to try it with. So whatever I mentioned
>> before (but which apprently so far seems ok) was purely by attempting
>> to understand the documentation. Beware.
>
> I tried it today. I disabled my cookie hack and set JkExtractSSL to off.
> It seems to work fine. Obviously, I want to do a lot more testing but
> initially, it seems to look good.
There's a problem.
Unfortunately, we have a servlet in our app that calls request.isSecure()
to make sure that it's on a secure connection and because of
"JkExtractSSL off" it doesn't know whether it's on a secure connection
or not. request.isSecure() will always return false because mod_jk
no longer tells it anything about SSL.
So I'm back to hacking the cookie.
I really want to just get rid of httpd and run Tomcat standalone.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org