-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
John,
On 7/28/15 4:10 PM, John Baker wrote:
>> I haven't looked too closely, but I'm not sure what "standard"
>> mechanisms there are to communicate this through a proxy.
>> variables don't pass through a proxy, and a HEADER is NOT the
>> proper so
> I haven't looked too closely, but I'm not sure what "standard"
> mechanisms there are to communicate this through a proxy. variables
> don't pass through a proxy, and a HEADER is NOT the proper solution here
> unless you also implement something similar to the Tomcat RemoteIpValve
> where yo
On 07/28/2015 03:02 PM, Andy Wang wrote:
I'd also like a better way and after discussing with some
security-geeks, we were wondering if there's some way we can
implement a Valve that takes a username and a signature using a
shared secret. The problem is signing in Apache: I've not looked
too ha
On 07/28/2015 02:03 PM, Christopher Schultz wrote:
On 7/28/15 2:29 PM, John Baker wrote:
Hello,
I'm not sure how long ago that was, but I don't live in the
Windows world. I would have thought that someone at Apache Lounge
would have balked if a release was broken. Were you building a
release
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
John,
On 7/28/15 2:29 PM, John Baker wrote:
> Hello,
>
>> I'm not sure how long ago that was, but I don't live in the
>> Windows world. I would have thought that someone at Apache Lounge
>> would have balked if a release was broken. Were you buildi
Hello,
> I'm not sure how long ago that was, but I don't live in the Windows
> world. I would have thought that someone at Apache Lounge would have
> balked if a release was broken. Were you building a release version,
> or trunk?
I downloaded a release. This was a few years ago now. I suspect mo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
John,
On 7/25/15 9:03 AM, John Baker wrote:
> Hello,
>
>> Anything in particular? Plumbing code is always not terribly
>> pretty.
>>
>> It's kept up-to-date and generally supports more features than
>> mod_proxy_ajp.
>
> Well, there was a point
> BlueCothe protocol that one can't get away from; that everyone
> understands and can easily debug with telnet/etc)at, etc.
Sorry, I think my brain started to fail.
"Blue Coat; HTTP is a protocol that everyone understands / can easily
debug with telnet / etc."
Hello,
> Anything in particular? Plumbing code is always not terribly pretty.
>
> It's kept up-to-date and generally supports more features than
> mod_proxy_ajp.
Well, there was a point where 64bit windows builds didn't even work -
which tells me there's not a lot of testing going on. And having
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
John,
On 7/24/15 4:46 AM, John Baker wrote:
> I agree that mod_proxy_ajp is more commonly supported. I've
> looked/briefly worked on the mod_jk source and it was pretty awful
> - but that's what happens to code over time.
Anything in particular? P
I agree that mod_proxy_ajp is more commonly supported. I've
looked/briefly worked on the mod_jk source and it was pretty awful - but
that's what happens to code over time. I see your point regarding the
ajp protocol but equally, HTTP is everywhere and if every other part of
a web stack is HTTP, the
On 23/07/15 20:38, John Baker wrote:
> The flag to which you refer is for AJP only, hence the inconsistency (as
> AJP becomes less common and reverse proxying HTTP becomes the norm).
While I agree with you that the http connector should be consistent with
the AJP behavior where possible I'm intere
Sorry, I was reading the latest Tomcat 8.0.24 source to verify how it
worked (it hasn't changed in some time it seems).
The flag to which you refer is for AJP only, hence the inconsistency (as
AJP becomes less common and reverse proxying HTTP becomes the norm).
On Thu, Jul 23, 2015, at 08:05 PM,
Hi,
2015-07-23 21:54 GMT+03:00 John Baker :
>
> Hello,
>
> I note the HTTP connector does the following when
> Request.getRemoteUser() is called:
>
> public String getRemoteUser() {
> if (userPrincipal == null) {
> return null;
> }
> return userPrincipal.get
Hello,
I note the HTTP connector does the following when
Request.getRemoteUser() is called:
public String getRemoteUser() {
if (userPrincipal == null) {
return null;
}
return userPrincipal.getName();
}
I understand what it's trying to do but it's not c
15 matches
Mail list logo