Re: Non-secure HTTP connector with secure="true" requires a keystore?

2008-10-13 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark, Mark Thomas wrote: > That looks like a bug to me. Please add to to bugzilla so it doesn't get > lost and forgotten about. Done. Thanks. https://issues.apache.org/bugzilla/show_bug.cgi?id=45997 - -chris -BEGIN PGP SIGNATURE- Version: G

RE: Non-secure HTTP connector with secure="true" requires a keystore?

2008-10-11 Thread Martin Gainty
. > Date: Sat, 11 Oct 2008 13:53:46 +0100 > From: [EMAIL PROTECTED] > To: users@tomcat.apache.org > Subject: Re: Non-secure HTTP connector with secure="true" requires a > keystore? > > Christopher Schultz wrote: > > Chuck, > > > > Caldarale, Ch

Re: Non-secure HTTP connector with secure="true" requires a keystore?

2008-10-11 Thread Mark Thomas
Christopher Schultz wrote: > Chuck, > > Caldarale, Charles R wrote: >> The code in 6.0 is noticeably different from that in 5.5 for protocol >> initialization, including setting up the socket factory. Would it be >> possible to test the config on 6.0 to see if you can achieve the >> desired resul

Re: Non-secure HTTP connector with secure="true" requires a keystore?

2008-10-10 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chuck, Caldarale, Charles R wrote: >> From: Christopher Schultz [mailto:[EMAIL PROTECTED] >> Subject: Re: Non-secure HTTP connector with secure="true" >> requires a keystore? >> >> I would have expected 5.5

RE: Non-secure HTTP connector with secure="true" requires a keystore?

2008-10-10 Thread Caldarale, Charles R
> From: Christopher Schultz [mailto:[EMAIL PROTECTED] > Subject: Re: Non-secure HTTP connector with secure="true" > requires a keystore? > > Successful startup. Using HTTP, a test JSP reports that > request.isSecure() returns true, which is exactly what > Fil

Re: Non-secure HTTP connector with secure="true" requires a keystore?

2008-10-10 Thread Gregory Gerard
Same here. I terminate all SSL in a load balancer and forward in the clear back to 8080 or 8081. Application code is peppered non-standard calls to see things set by a filter to see if it's considered secure even though Tomcat thinks otherwise. In the more extreme case, I could consider all

Re: Non-secure HTTP connector with secure="true" requires a keystore?

2008-10-10 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chuck, Caldarale, Charles R wrote: > The code in 6.0 is noticeably different from that in 5.5 for protocol > initialization, including setting up the socket factory. Would it be > possible to test the config on 6.0 to see if you can achieve the > des

Re: Non-secure HTTP connector with secure="true" requires a keystore?

2008-10-10 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Filip, Filip Hanik - Dev Lists wrote: > secure=... corresponds to request.isSecure I have not found this to be entirely true. Please see my original post. If secure="true" merely sets the return value for request.isSecure, then I should not need a ke

Re: Non-secure HTTP connector with secure="true" requires a keystore?

2008-10-10 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David, David Wall wrote: > >> No, I don't want SSL enabled. I want Tomcat to NOT do SSL, but I want it >> to report to my application that SSL is being used. >> > So you want quality software to lie to you? It would be a bug if Tomcat > said it w

Re: Non-secure HTTP connector with secure="true" requires a keystore?

2008-10-10 Thread David Wall
No, I don't want SSL enabled. I want Tomcat to NOT do SSL, but I want it to report to my application that SSL is being used. So you want quality software to lie to you? It would be a bug if Tomcat said it was secure when it's not, and it sounds pretty goofy to want it. The deal is that I

Re: Non-secure HTTP connector with secure="true" requires a keystore?

2008-10-10 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Peter, Peter Rossbach wrote: > As you want SSL enabled, you must add schema="https" secure="true" > SSLEnabled="true" > at your config. No, I don't want SSL enabled. I want Tomcat to NOT do SSL, but I want it to report to my application that SSL is b

Re: Non-secure HTTP connector with secure="true" requires a keystore?

2008-10-08 Thread Filip Hanik - Dev Lists
tz: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chuck, Caldarale, Charles R wrote: From: Christopher Schultz [mailto:[EMAIL PROTECTED] Subject: Re: Non-secure HTTP connector with secure="true" requires a keystore? I tried it with scheme="http" at first, and got the same exc

Re: Non-secure HTTP connector with secure="true" requires a keystore?

2008-10-08 Thread Peter Rossbach
m 21:01 schrieb Christopher Schultz: -BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Chuck, Caldarale, Charles R wrote: From: Christopher Schultz [mailto:[EMAIL PROTECTED] Subject: Re: Non-secure HTTP connector with secure="true" requires a keystore? I tried it with scheme="http&qu

Re: Non-secure HTTP connector with secure="true" requires a keystore?

2008-10-07 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chuck, Caldarale, Charles R wrote: >> From: Christopher Schultz [mailto:[EMAIL PROTECTED] >> Subject: Re: Non-secure HTTP connector with secure="true" requires >> a keystore? >> >> I tried it with scheme=&qu

RE: Non-secure HTTP connector with secure="true" requires a keystore?

2008-10-07 Thread Caldarale, Charles R
> From: Christopher Schultz [mailto:[EMAIL PROTECTED] > Subject: Re: Non-secure HTTP connector with secure="true" > requires a keystore? > > I tried it with scheme="http" at first, and got the same exception. The code in 6.0 is noticeably different from that

Re: Non-secure HTTP connector with secure="true" requires a keystore?

2008-10-07 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chuck, Caldarale, Charles R wrote: > I thought I had done this using just what you described, but it may > have been in 6.0. Can you post the config for the in > question? Have you left the scheme set to "HTTP"? Yup. Here's the configuration:

RE: Non-secure HTTP connector with secure="true" requires a keystore?

2008-10-07 Thread Caldarale, Charles R
> From: Christopher Schultz [mailto:[EMAIL PROTECTED] > Subject: Non-secure HTTP connector with secure="true" > requires a keystore? > > I'm trying to configure an HTTP that reports to the > application that the connection is secure. I thought I had done this u

Re: Non-secure HTTP connector with secure="true" requires a keystore?

2008-10-07 Thread David Wall
I'm trying to configure an HTTP that reports to the application that the connection is secure. According to the TC documentation (http://tomcat.apache.org/tomcat-5.5-doc/config/http.html), you should be able to simply set: secure="true" in the and all should be well. Yes, this is used whe

Non-secure HTTP connector with secure="true" requires a keystore?

2008-10-07 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 All, I'm using (stock) TC 5.5.26 on Sun Java 1.5.0_14-b03, Debian etch. I'm trying to configure an HTTP that reports to the application that the connection is secure. According to the TC documentation (http://tomcat.apache.org/tomcat-5.5-doc/config/