Author: rjung
Date: Fri Jun 22 09:52:35 2007
New Revision: 549876
URL: http://svn.apache.org/viewvc?view=rev&rev=549876
Log:
Update docs concerning URI forwarding encoding.
Also added some lines about auth_complete and a new
section for uri_select to the IIS docs.
Modified:
tomcat/connectors/trunk/jk/xdocs/miscellaneous/changelog.xml
tomcat/connectors/trunk/jk/xdocs/reference/apache.xml
tomcat/connectors/trunk/jk/xdocs/reference/iis.xml
tomcat/connectors/trunk/jk/xdocs/webserver_howto/apache.xml
Modified: tomcat/connectors/trunk/jk/xdocs/miscellaneous/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/xdocs/miscellaneous/changelog.xml?view=diff&rev=549876&r1=549875&r2=549876
==============================================================================
--- tomcat/connectors/trunk/jk/xdocs/miscellaneous/changelog.xml (original)
+++ tomcat/connectors/trunk/jk/xdocs/miscellaneous/changelog.xml Fri Jun 22
09:52:35 2007
@@ -28,6 +28,17 @@
<subsection name="Native">
<changelog>
<update>
+ IIS: Document auth_complete and uri_select. (rjung)
+ </update>
+ <update>
+ Apache/IIS/Netscape: Change the default forwarding encoding to the new
+ proxy method. (jfclere, rjung)
+ </update>
+ <update>
+ Common: Optionally reencode URIs before forwarding to the backend.
+ Based on the URI reencoding done bei httpd mod_proxy. (jfclere, rjung)
+ </update>
+ <update>
Common: auto-detect correct print format for pid_t.
This fixes at least compiler warnings on Solaris. (rjung)
</update>
Modified: tomcat/connectors/trunk/jk/xdocs/reference/apache.xml
URL:
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/xdocs/reference/apache.xml?view=diff&rev=549876&r1=549875&r2=549876
==============================================================================
--- tomcat/connectors/trunk/jk/xdocs/reference/apache.xml (original)
+++ tomcat/connectors/trunk/jk/xdocs/reference/apache.xml Fri Jun 22 09:52:35
2007
@@ -222,8 +222,9 @@
<br/>
This directive can be used multiple times per virtual server.
<br/>
-The default value is "ForwardURICompatUnparsed" since version 1.2.23.
-Until version 1.2.22 the default value was "ForwardURICompat".
+The default value is "ForwardURIProxy" since version 1.2.24.
+It was "ForwardURICompatUnparsed" in version 1.2.23 and
+"ForwardURICompat" until version 1.2.22.
</p></attribute>
<attribute name="JkEnvVar" required="false"><p>
Adds a name and an optional default value of environment variable
@@ -429,11 +430,14 @@
</p>
<p>
-The three following options <b>+ForwardURIxxx</b> are mutually exclusive.
+The four following options <b>+ForwardURIxxx</b> are mutually exclusive.
Exactly one of them is required, a negative sign prefix is not allowed with
them.
-The default value is "ForwardURICompatUnparsed" since version 1.2.23.
-Until version 1.2.22 the default value was "ForwardURICompat".
+The default value is "ForwardURIProxy" since version 1.2.24.
+It was "ForwardURICompatUnparsed" in version 1.2.23 and
+"ForwardURICompat" until version 1.2.22.
You can turn the default off by switching on one of the other two options.
+You should leave this at it's default value, unless you have a very good
+reason to change it.
<br/>
<br/>
</p>
@@ -450,8 +454,22 @@
</p>
<p>
+Using JkOptions <b>ForwardURIProxy</b>, the forwarded URI
+will be partially reencoded after processing inside Apache httpd and
+before forwarding to Tomcat. This will be compatible with local
+URL manipulation by mod_rewrite and with URL encoded session ids.
+
+<source>
+ JkOptions +ForwardURIProxy
+</source>
+
+<br/>
+<br/>
+</p>
+
+<p>
Using JkOptions <b>ForwardURICompatUnparsed</b>, the forwarded URI
-will be unparsed. It's spec compliant and also the safest option.
+will be unparsed. It's spec compliant and secure.
It will always forward the original request URI, so rewriting
URIs with mod_rewrite and then forwarding the rewritten URI
will not work.
Modified: tomcat/connectors/trunk/jk/xdocs/reference/iis.xml
URL:
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/xdocs/reference/iis.xml?view=diff&rev=549876&r1=549875&r2=549876
==============================================================================
--- tomcat/connectors/trunk/jk/xdocs/reference/iis.xml (original)
+++ tomcat/connectors/trunk/jk/xdocs/reference/iis.xml Fri Jun 22 09:52:35 2007
@@ -99,7 +99,50 @@
</p>
<p>This directive has been added in version 1.2.21</p>
</attribute>
-
+<attribute name="auth_complete" required="false"><p>
+A DWORD value representing "0" or "1". This is needed because
+of minor incompatibilities with IIS 5.1.
+</p>
+<p>
+By default its value is 1, which means we use the SF_NOTIFY_AUTH_COMPLETE
+event. If you set this to 0, then we use SF_NOTIFY_PREPROC_HEADERS.
+This might be needed for IIS 5.1 when handling requests using the
+PUT HTTP method.
+</p>
+<p>This directive has been added in version 1.2.21</p>
+</attribute>
+<attribute name="uri_select" required="false"><p>
+A string value which influences, how URIs are decoded and reencoded
+between IIS and Tomcat. You should leave this at it's default value,
+unless you have a very good reason to change it.
+</p>
+<p>
+If the value is "parsed", the forwarded URI
+will be decoded and explicit path components like ".." will already
+be resolved. This is less spec compliant and is <b>not safe</b>
+if you are using prefix forwarding rules.
+</p>
+<p>
+If the value is "unparsed", the forwarded URI
+will be the original request URI. It's spec compliant and also
+the safest option. Rewriting the URI and then forwarding the rewritten
+URI will not work.
+</p>
+<p>
+If the value is "escaped", the forwarded URI
+will be the reencoded form of the URI used by "parsed".
+Explicit path components like ".." will already be resolved.
+This will not work in combination with URL encoded session IDs.
+</p>
+<p>
+If the value is "proxy", the forwarded URI
+will be a partially reencoded form of the URI used by "parsed".
+Explicit path components like ".." will already be resolved.
+and problematic are reencoded.
+</p>
+<p>The default value since version 1.2.24 is "proxy". Before it was
"parsed".</p>
+</attribute>
+<p>
</attributes>
</section>
<section name="Using a properties file for configuration">
Modified: tomcat/connectors/trunk/jk/xdocs/webserver_howto/apache.xml
URL:
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/xdocs/webserver_howto/apache.xml?view=diff&rev=549876&r1=549875&r2=549876
==============================================================================
--- tomcat/connectors/trunk/jk/xdocs/webserver_howto/apache.xml (original)
+++ tomcat/connectors/trunk/jk/xdocs/webserver_howto/apache.xml Fri Jun 22
09:52:35 2007
@@ -463,11 +463,14 @@
</p>
<p>
-The three following options <b>+ForwardURIxxx</b> are mutually exclusive.
+The four following options <b>+ForwardURIxxx</b> are mutually exclusive.
Exactly one of them is required, a negative sign prefix is not allowed with
them.
-The default value is "ForwardURICompatUnparsed" since version 1.2.23.
-Until version 1.2.22 the default value was "ForwardURICompat".
+The default value is "ForwardURIProxy" since version 1.2.24.
+It was "ForwardURICompatUnparsed" in version 1.2.23 and
+"ForwardURICompat" until version 1.2.22.
You can turn the default off by switching on one of the other two options.
+You should leave this at it's default value, unless you have a very good
+reason to change it.
<br/>
<br/>
</p>
@@ -484,8 +487,22 @@
</p>
<p>
+Using JkOptions <b>ForwardURIProxy</b>, the forwarded URI
+will be partially reencoded after processing inside Apache httpd and
+before forwarding to Tomcat. This will be compatible with local
+URL manipulation by mod_rewrite and with URL encoded session ids.
+
+<source>
+ JkOptions +ForwardURIProxy
+</source>
+
+<br/>
+<br/>
+</p>
+
+<p>
Using JkOptions <b>ForwardURICompatUnparsed</b>, the forwarded URI
-will be unparsed. It's spec compliant and also the safest option.
+will be unparsed. It's spec compliant and secure.
It will always forward the original request URI, so rewriting
URIs with mod_rewrite and then forwarding the rewritten URI
will not work.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
