Andrew Brady wrote:
>
> Andrew Brady wrote:
> >
> > Ed Yu wrote:
> > >
> > > Hi,
> > >
> > > I'm using JServ 1.1.1, Apache 1.3.12, open-ssl 0.9.5a. I tried to access the
> > > org.apache.jserv.SSL_SESSION_ID, org.apache.jserv.SSL_CLIENT_CERTIFICATE
> > > environment using req.getAttribute() and it doesn't seems to work. I have
> > > the following in the jserv.conf file:
> > >
> > > ApJServEnvVar SSL_SESSION_ID SSL_SESSION_ID
> > > ApJServEnvVar SSL_SERVER_CERTIFICATE SSL_SERVER_CERTIFICATE
> > > ApJServEnvVar SSL_CLIENT_CERTIFICATE SSL_CLIENT_CERTIFICATE
> > > ApJServEnvVar SSL_PROTOCOL SSL_PROTOCOL
> > >
> > > I was wondering if I had done anything wrong or is it the version of JServ
> > > I'm using does not support the above.
> > > BTW, I've shutdown and re-started both jserv and apache after changing the
> > > jserv.conf.
> >
> > I am also having this problem.
> >
> > I am using Apache 1.3.12, from tomcat/3.1 , mod_ssl/2.6.4.
> >
> > I have following conf:
> >
> > SSLOptions +StdEnvVars
> > ApJservEnvVar SSL_CLIENT_S_DN SSL_CLIENT_S_DN
> >
> > and a servlet that trys for:
> >
> > HttpServletRequest.getAttribute("org.apache.jserv.SSL_CLIENT_S_DN");
> >
> > The servlet works ok , but I get back null.
> >
> > If I put a netcat listening on the tomcat port instead of tomcat,
> > I can see that apache is passing SSL_CLIENT_S_DN.
> >
> > Is there some difference in the name of the attribute.
> >
> > There is a similar question (3.9 in the tomcat) FAQ-o-matic
> > which has no answer.
> >
> > Any help greatly appreciated.
> >
> > Andy
>
> My java is not strong, so the following may not be strictly
> true, but .....
>
> If I understand the tomcat code correctly, then passing of
> arbitrary variables from apache to tomcat, using ApJservEnvVar
> is not yet implemented on the tomcat servlet side.
>
> The tomcat source file:
>
>
>jakarta-tomcat/src/share/org/apache/tomcat/service/connector/Ajp12ConnectionHandler.java
>
> contains the code:
>
> /**
> * Marker = 5 will be used by mod_jserv to send environment
> * as key+value (dynamically configurable).
> * can be considered as "reserved", and safely ignored by ot
> * env_vars is (above in this code) commented out for perfo
> * so theses env vars are simply ignored. (just here for com
> * but it is where mod_jserv would place SSL_* env vars (by
> * See the new parameter for mod_jserv (version > 1.1):
> * ApJServEnvVar localname remotename
> * - jluc
> */
> case 5: // Environment vars
> token1 = ajpin.readString(null);
> token2 = ajpin.readString("");
> // env_vars.put(token1, token2);
> break;
>
> which appears to be the relevent part. The code does not
> extract the variables into env_vars.
>
> Even if this code is activated, then there is no equivalent
> code to accesses these variables elsewhere.
>
> Could someone with more knowledge confirm this?
>
> Thanks,
>
true. (doesn't work for tomcat, but ok for JServ : try a "snoop" servlet
that prints out all cgi vars and you'll get them).
The curious syntax was mandatory because we have (at least 4 + IBM's)
SSL modules implementation and the variables names are NOT all the
sames. So this module is pluggable into any SSL+http apache server
without changing servlet code but configuration file.
jluc (same as above).
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
