Hi,
Many Thanks Mark. This is a more of POC release planned for jun-1st week, will
give a try with the existing stable release and thanks for suggesting the 8.5.x.
1) As you said, I can see AjpProtocol class as the BIO connector. If I create
a customized class SslEnabledBioAjpProtocol extends AjpProtocol, then is the
below configuration correct?
<Connector port="8009"
protocol="org.apache.coyote.ajp.SslEnabledBioAjpProtocol" redirectPort="8443" />
2) In tomcat6, there http connector attribute to define the customized
classname using attribute "sSLImplementation".
<Connector SSLEnabled="true"
sSLImplementation="
org.apache.tomcat.util.net.jsse.Tomcat6SSLImplementation"
scheme="https" secure="true" />
is it a still valid attribute in tomcat7.x/tomcat8.x?
Thanks
Venkata
-----Original Message-----
From: Mark Thomas [mailto:ma...@apache.org]
Sent: 14 May 2016 00:04
To: Tomcat Users List
Subject: Re: tomcat6.0.43 ajp connector migration to tomcat8.0.33
On 13/05/2016 17:55, Venkata Reddy P wrote:
> Existing implementation:-
>
> In tomcat6.0.43 version, I have enabled the ssl on AJP connector by
> following the below steps
>
> 1) I did override the class "org.apache.jk.common.ChannelSocket" to
> "AjpSslChannelSocket extends ChannelSocket " to enable ssl on ajp port.
Tomcat does not support, and has never supported, AJP with TLS.
AjpSslChannelSocket must be a custom implementation.
> 2) This overridden "AjpSslChannelSocket" class I have configured in
> server.xml file as below.
>
> <Connector address="xx.xx.xx.xx"
> class.channelSocket=" org.apache.jk.common. AjpSslChannelSocket "
> enableLookups="false" maxThreads="150" port="8009"
> protocol="AJP/1.3" tomcatAuthentication="false"/>
>
> I believe, it is a AJP java connector(ChannelSocket) implementation which
> comes with tomcat6.0.43. am I correct?
No. See above.
> what kind of ajp connector implementation on class
> “org.apache.jk.common.ChannelSocket” (APR,NIO,…)?
BIO.
> Migration to:-
>
> Currently I have to do the same on tomcat8.0.33 version to replicate the
> above implemention to enable ssl on AJP port.
That isn't going to be possible unless you write some custom code.
> 1) When I look at the tomcat8.0.33 source code, I don’t find any
> “org.apache.jk” package.
>
> Did “org.apache.jk” replaced with any package?
Roughly, org.apache.coyote.ajp
> 2) It looks like the ajp connector attribute (class.channelSocket) also
> not available in tomcat8.0.33.
>
> Do we have any similar attribute to configure customized connector
> implementation class?
protocol
> 3) Finally the class “ChannelSocket” is also missing in tomcat8.0.33.
>
> What class has to be customized in tomcat8.0.33 to enable ssl on ajp port
> similar to above mentioned tomcat6.0.43 implementation?
Given that 8.0.x will be replaced by 8.5.x fairly soon (within 3-4 months I
should think) and that their is a major refactoring of the connector code
between 8.0.x and 8.5.x you should be looking at the 8.5.x code.
Look at the class hierarchy for AbstractAjpProtocol. You'll probably need to
extend and override one of its sub-classes.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail:
users-unsubscr...@tomcat.apache.org<mailto:users-unsubscr...@tomcat.apache.org>
For additional commands, e-mail:
users-h...@tomcat.apache.org<mailto:users-h...@tomcat.apache.org>
