AW: JSessionId secure attribute not set if RemoteIpFilter with X-Forwarded-Proto https is used

2023-02-08 Thread Reto Weiss
Hi Mark Reported as https://bz.apache.org/bugzilla/show_bug.cgi?id=66471 Regards Reto - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org

JSessionId secure attribute not set if RemoteIpFilter with X-Forwarded-Proto https is used

2023-02-08 Thread Reto Weiss
Hi There I use Tomcat 9.0.68 and the org.apache.catalina.filters.RemoteIpFilter Filter behind a NGINX reverse proxy. On the NGINX I set the http header X-Forwarded-Proto to https. If I now make a request with a Browser to the reverse proxy the JSESSIONID cookie I get back is missing the secure

Re: JSessionId secure attribute not set if RemoteIpFilter with X-Forwarded-Proto https is used

2023-02-08 Thread Mark Thomas
On 08/02/2023 12:26, Reto Weiss wrote: Hi There I use Tomcat 9.0.68 and the org.apache.catalina.filters.RemoteIpFilter**Filter behind a NGINX reverse proxy. On the NGINX I set the http header X-Forwarded-Proto to https. If I now make a request with a Browser to the reverse proxy the

RE: Basic SSL Certificate Usage logging

2023-02-08 Thread jonmcalexander
Hi Mark, So, is this something that can/will be added in the future? I tested my thought of setting the java logging.properties to a specific file in the command line but it didn't do what I had hoped. Thanks, Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer

RE: Basic SSL Certificate Usage logging

2023-02-08 Thread jonmcalexander
Awesome Possum Boss!!! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel

RE: Basic SSL Certificate Usage logging

2023-02-08 Thread jonmcalexander
And thank you! Dream * Excel * Explore * Inspire Jon McAlexander Senior Infrastructure Engineer Asst. Vice President He/His Middleware Product Engineering Enterprise CIO | EAS | Middleware | Infrastructure Solutions 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 |

Re: Basic SSL Certificate Usage logging

2023-02-08 Thread Mark Thomas
On 08/02/2023 16:24, jonmcalexan...@wellsfargo.com.INVALID wrote: Hi Mark, So, is this something that can/will be added in the future? I tested my thought of setting the java logging.properties to a specific file in the command line but it didn't do what I had hoped. Already added. Will be

RE: Basic SSL Certificate Usage logging

2023-02-08 Thread jonmcalexander
Hi Mark, As a follow-up, some of my compatriots are asking if we can get all or some of these details in the log as well? Wanted to ask early if possible. • Subject o Ex: CN=splunk.glb.wellsfargo.net,OU=TMS-ADCS,O=Wells Fargo,C=US o Ex: CN=9COM,OU=APP,OU=9COM,OU=ECS,O=Wells