As I'm working through the ajp13 code (C and Java), I'm discovering that there is some 
basic work which needs to be done on the protocol itself (as well as a lot of work on 
the implementations).

Specifically:
 
 - If the request contains > 8K of header/attribute information, the protocol fails.

 - There is no authentication step.  I believe that this could result in some serious 
security violations if the web server is performing HTTP authentication (since 
remote_user is one of the attributes passed over). [side note: if anyone thinks 
otherwise, let me know]  Since connections are maintained across many requests, there 
is no good reason not to do the authentication (IMHO).

To fix these major issues will require modifying the protocol.  I have some ideas on 
how to do so, but I want to get some feedback on the best way to go about making these 
changes.  I could just modify the protocol itself, and change the mod_jk code and 
Ajp13 code in the tomcat-3.3 branch.  My fear is that I'll be changing a protocol 
which is in production use, without changing its version number.  This seems like 
asking for trouble.  Should I therefore leave ajp13 where it is and work on ajp14?  Or 
is that multiplying protocols needlessly?

I realize that the new mod_webapp is being worked on, but it seems to me that getting 
mod_jk / ajp13 working right is probably still worth it -- there are plenty of people 
who are going to depend on that before Tomcat 4.0 is released.

If I do change the protocol, it will require people who download the new version to 
update their mod_jk.so at the same time as they rebuild the Java classes.

What do people think?

-Dan
-- 

Dan Milstein // [EMAIL PROTECTED]
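The 8K limit in the first bullet is a packet-size constraint: every AJP13 packet carries a 2-byte length, and the packet is capped at 8192 bytes, so a request whose header/attribute block does not fit in one packet cannot be sent at all. The following Python is an added illustration, not code from this message or from mod_jk/Tomcat. It assumes the AJP13 framing as I recall it from the protocol description (server-to-container magic bytes 0x12 0x34, 2-byte big-endian payload length, 8192-byte maximum packet, and the 2-byte-length + bytes + NUL string encoding); the header-block layout is simplified (no coded header names) and the function names are my own. It shows how a sender can detect the oversize case explicitly instead of letting the protocol fail silently, and how a receiver should validate the length field before trusting it.

```python
import struct

# AJP13 framing constants, assumed for this example (not stated in the message):
# web-server -> container packets start with 0x12 0x34, then a 2-byte
# big-endian payload length. The whole packet is capped at 8192 bytes.
AJP13_MAGIC = b"\x12\x34"
AJP13_MAX_PACKET = 8192
AJP13_MAX_PAYLOAD = AJP13_MAX_PACKET - len(AJP13_MAGIC) - 2


class Ajp13Overflow(ValueError):
    """Raised when a payload cannot fit in a single AJP13 packet."""


def encode_string(s: str) -> bytes:
    """AJP13 string encoding: 2-byte length, the bytes, then a NUL terminator."""
    data = s.encode("iso-8859-1")
    if len(data) > 0xFFFF:
        raise Ajp13Overflow("string longer than a 2-byte length can describe")
    return struct.pack(">H", len(data)) + data + b"\x00"


def encode_headers(headers: dict) -> bytes:
    """Simplified header block: 2-byte count, then name/value string pairs.

    Real AJP13 also uses 1-byte codes for common header names; that
    optimisation is omitted here, so this is a slight over-estimate of size.
    """
    out = struct.pack(">H", len(headers))
    for name, value in headers.items():
        out += encode_string(name) + encode_string(value)
    return out


def header_block_fits(headers: dict) -> tuple:
    """Return (fits, encoded_size) for a header/attribute block.

    This is the check the message says the protocol lacks: a sender can
    refuse the request (or fall back to another path) before producing a
    packet the peer cannot frame.
    """
    size = len(encode_headers(headers))
    return size <= AJP13_MAX_PAYLOAD, size


def frame_packet(payload: bytes) -> bytes:
    """Wrap a payload in the magic + length framing, refusing oversize data."""
    if len(payload) > AJP13_MAX_PAYLOAD:
        raise Ajp13Overflow(
            f"payload is {len(payload)} bytes, max is {AJP13_MAX_PAYLOAD}"
        )
    return AJP13_MAGIC + struct.pack(">H", len(payload)) + payload


def parse_packet(buf: bytes) -> bytes:
    """Validate framing on the receiving side and return the payload.

    The length field comes from the peer, so it is checked against the
    protocol maximum and against the bytes actually present before any
    slicing is done on it.
    """
    if len(buf) < 4 or buf[:2] != AJP13_MAGIC:
        raise ValueError("bad AJP13 magic")
    (length,) = struct.unpack(">H", buf[2:4])
    if length > AJP13_MAX_PAYLOAD:
        raise ValueError(f"declared length {length} exceeds protocol maximum")
    if len(buf) < 4 + length:
        raise ValueError("truncated packet")
    return buf[4:4 + length]


if __name__ == "__main__":
    # Constructed sample headers: one ordinary request, one with a large cookie.
    small = {"Host": "example.test", "User-Agent": "demo/1.0"}
    large = {"Host": "example.test", "Cookie": "x" * 9000}
    for name, hdrs in (("small", small), ("large", large)):
        fits, size = header_block_fits(hdrs)
        print(f"{name}: {size} bytes, fits in one packet: {fits}")
    print(parse_packet(frame_packet(encode_headers(small))) == encode_headers(small))
```

Running it shows the ordinary request framing cleanly while the 9000-byte cookie is rejected up front with the actual size, which is the behaviour a sender wants instead of a failed request with no diagnosis.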
