Re: HTTPconnector problem
hi charles, thanx again. I updated to 4.1.31 and it works now. -reynir Caldarale, Charles R wrote: From: reynir [mailto:[EMAIL PROTECTED] Subject: Re: HTTPconnector problem What is the secure="true" then for ? My guess is that it's intended more for the proprietary connectors like AJP13, but since I have zero experience with those, it's only speculation. should it not be enough to set scheme ="https" ? Yes, I would think it should, but being able to test a boolean is much faster than doing a string comparison. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: HTTPconnector problem
> From: reynir [mailto:[EMAIL PROTECTED] > Subject: Re: HTTPconnector problem > > What is the secure="true" then for ? My guess is that it's intended more for the proprietary connectors like AJP13, but since I have zero experience with those, it's only speculation. > should it not be enough to set scheme ="https" ? Yes, I would think it should, but being able to test a boolean is much faster than doing a string comparison. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: HTTPconnector problem
thanx Mark, It's version 4.1.24 (if I rember it correctly I will check again to morrow and send you an update), but I will upgrade the tomcat service. That hopefully will fix this matter. I was hoping this was some configuration error on my behalf, but I must upgrade. .. thanx again, -reynir Mark Thomas wrote: I have just tested this on the latest TC4.1.x from CVS this works as stated in the docs. The output I see is: is secure : true port : 8080 It is possible that this is a bug that has been fixed but I don't see any changes in the archives that look relevant (I checked back to the end of 2003). What version are you using? Can you try 4.1.31? Mark reynir wrote: Hi, As I understand the documentation (and my past experience shows) you are not correct. :) the documentation : http://jakarta.apache.org/tomcat/tomcat-4.1-doc/config/coyote.html states : |secure| Set this attribute to |true| if you wish to have calls to |request.isSecure()| to return |true| for requests received by this Connector (you would want this on an SSL Connector). The default value is |false|. in short terms, this is not happening. It's not requrired to have a https schema on this connector. thanx, -reynir - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: HTTPconnector problem
Thanx Charles, I knew it did not work in tc 5. I did not check out the code. This obviously is not working according to the documentation. What is the secure="true" then for ? should it not be enough to set scheme ="https" ? Then again in my experience this works with tomcat 4.1.31 with out problems (except it's tc 4.1.31) and I really thought it was a bug in tc 5.x But the situation that I am in right now is a production server, that I rather work as little on as I can, and only want to update it if I must. there for I was looking for configuration errors, or someone stating that this was a bug in some version fixed in some other version. I could not see any mentions of this in the change-logs for tomcat, and there for I posted this question. I guess my only solution right now is upgrading it to 4.1.31 and hoping that will "fix" the problem. I also hope that the secure="true" will return the behavior described in the documentation. the usecase has to do with reverse proxying through apache. apache holds the key for the SSL, and then forwards the requests I need into tomcat, where I execute serveral operations based on if request.isSecure() is true or false. In my case it's very difficoult to have the SSL key on the tomcat for several reasons, there for I must have the port doing http (not https) but still returning true for req.isSecure()... Well this probably means some hacking, or an upgrade... thanx again, -reynir Caldarale, Charles R wrote: From: reynir [mailto:[EMAIL PROTECTED] Subject: Re: HTTPconnector problem As I understand the documentation (and my past experience shows) you are not correct. :) But we don't actually run the documentation. Here's the code of interest (from 5.0.25, the last one I downloaded the source for): if (! req.scheme().isNull()) { // use processor specified scheme to determine secure state request.setSecure(req.scheme().equals("https")); } else { // use connector scheme and secure configuration, (defaults to // "http" and false respectively) req.scheme().setString(connector.getScheme()); request.setSecure(connector.getSecure()); } If I'm reading this correctly, the connector's secure attribute will only be used if the scheme for the request has not been set. I suspect that, in your case, the scheme is "http", forcing the secure attribute for the request to false. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: HTTPconnector problem
> From: reynir [mailto:[EMAIL PROTECTED] > Subject: Re: HTTPconnector problem > > As I understand the documentation (and my past experience > shows) you are not correct. :) But we don't actually run the documentation. Here's the code of interest (from 5.0.25, the last one I downloaded the source for): if (! req.scheme().isNull()) { // use processor specified scheme to determine secure state request.setSecure(req.scheme().equals("https")); } else { // use connector scheme and secure configuration, (defaults to // "http" and false respectively) req.scheme().setString(connector.getScheme()); request.setSecure(connector.getSecure()); } If I'm reading this correctly, the connector's secure attribute will only be used if the scheme for the request has not been set. I suspect that, in your case, the scheme is "http", forcing the secure attribute for the request to false. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: HTTPconnector problem
I have just tested this on the latest TC4.1.x from CVS this works as stated in the docs. The output I see is: is secure : true port : 8080 It is possible that this is a bug that has been fixed but I don't see any changes in the archives that look relevant (I checked back to the end of 2003). What version are you using? Can you try 4.1.31? Mark reynir wrote: Hi, As I understand the documentation (and my past experience shows) you are not correct. :) the documentation : http://jakarta.apache.org/tomcat/tomcat-4.1-doc/config/coyote.html states : |secure| Set this attribute to |true| if you wish to have calls to |request.isSecure()| to return |true| for requests received by this Connector (you would want this on an SSL Connector). The default value is |false|. in short terms, this is not happening. It's not requrired to have a https schema on this connector. thanx, -reynir - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: HTTPconnector problem
Laba diena. Dėkojame, kad mums parašėte. Jūsų atsiųsta žinutė išsaugota mūsų duomenų bazėje. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: HTTPconnector problem
Hi, As I understand the documentation (and my past experience shows) you are not correct. :) the documentation : http://jakarta.apache.org/tomcat/tomcat-4.1-doc/config/coyote.html states : |secure| Set this attribute to |true| if you wish to have calls to |request.isSecure()| to return |true| for requests received by this Connector (you would want this on an SSL Connector). The default value is |false|. in short terms, this is not happening. It's not requrired to have a https schema on this connector. thanx, -reynir Caldarale, Charles R wrote: From: reynir [mailto:[EMAIL PROTECTED] Subject: HTTPconnector problem is secure : false port : 9099 this proves that I am accessing the correct port, but why is secure false ? is this a bug that has been fixed ? There's no bug here. You're using HTTP to access port 9099, and, by definition, that's not secure. The isSecure() method will return true for HTTPS, and you have declared that to be on port 8443. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: HTTPconnector problem
> From: reynir [mailto:[EMAIL PROTECTED] > Subject: HTTPconnector problem > > is secure : false > port : 9099 > > this proves that I am accessing the correct port, but why is secure > false ? is this a bug that has been fixed ? There's no bug here. You're using HTTP to access port 9099, and, by definition, that's not secure. The isSecure() method will return true for HTTPS, and you have declared that to be on port 8443. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]