https://bz.apache.org/bugzilla/show_bug.cgi?id=53098
Rainer Jung <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|FIXED |--- --- Comment #19 from Rainer Jung <[email protected]> --- It would be useful to backport this eature to 2.4.x. The newest Tomcat releases hardened the AJP connector by demanding a "secret" by default, so they are no longer compatibel with mod_proxy_ajp out-of-the-box. One has to explicitly set secretRequired="false" on the TC AJP connector to be able to use it with mod_proxy_ajp (and thereby increase attack surface). r1738878 plus small struct layout adjustments for compatibility should do it. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
