Dakujem este raz za Vas cas a konfigurak, bohuzial ani tak sa mi to nepodarilo rozchodit :-(
Mozem Vas este pripadne poprosit o kus konfiguracie z Vasho server.xml ? Zacinam byt z toho mierne deprimovany, ze mi to nejde a zvazujem prechod na Resin3. Mozno aby som este upresnil, pouzivam Fedoru 3 (bez SELinux) a baliky z JPackage.org Vsetko funguje bez problemov az na ten request.isSecure(). To mi vzdy da false aj ked idem cez HTTPS. TL Martin Kuba (7.7.2005 12:12): >httpd.conf: > >LoadModule jk_module libexec/mod_jk.so > >#mod_jk for Tomcat - general directives >#spojeni na ajp13://localhost:8009 >JkWorkerProperty worker.list=t5 >JkWorkerProperty worker.t5.type=ajp13 >JkWorkerProperty worker.t5.host=localhost >JkWorkerProperty worker.t5.port=8009 >JkLogFile "/var/log/httpd/default/mod_jk.log" >JkLogLevel warn >JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories >... ><VirtualHost _default_:443> >... > SSLEngine on > SSLCipherSuite ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP > SSLCertificateFile /etc/httpd/ssl/cert.pem > SSLCertificateKeyFile /etc/httpd/ssl/key.pem > SSLCertificateChainFile /etc/httpd/ssl/cesnetca.pem > SetEnvIf User-Agent ".*MSIE.*" \ > nokeepalive ssl-unclean-shutdown \ > downgrade-1.0 force-response-1.0 > > ... > JkMount /osobni/* t5 > JkEnvVar REMOTE_USER "-" > >To je vsecko podstatne. V TomCatu standardni AJP13 konektor. >Na urcitych URL chci jeste klientsky certifikat, tak mam jeste > > <Location "/osobni/voce/*"> > SSLRequireSSL > SSLVerifyClient optional_no_ca > SSLOptions +ExportCertData +StdEnvVars +OptRenegotiate > </Location> > >ale to asi neni vas pripad. Uvadim to jenom pro ilustraci, ze >SSLOptions nejsou potreba pro isSecure(). > >Kdyz tak si napiste CGI programek, ktery vypise vsechny promenne >prostredi, napr. > >#!/bin/sh >echo 'Content-type: text/plain' >echo >env > >a podivejte se, jake promenne Apache skutecne exportuje. > > >Makub
