On Thu, Feb 13, 2020 at 9:33 AM Olivier Jaquemet <
olivier.jaque...@jalios.com> wrote:

> On 13/02/2020 01:02, Stefan Mayr wrote:
> > Hi,
> >
> >> - AJP defaults changed to listen the loopback address, require a secret
> >>    and to be disabled in the sample server.xml
> > What was the motivation behind this breaking change to require a secret
> > or to explitly disable it? What makes an open AJP connector more unsafe
> > than an open HTTP connector?
> >
> > We have hundreds of Tomcats behind Apache httpd with mod_jk. My
> > interpretation is that upgrading Tomcat 8.5 or 9.0 will break that setup
> > until we disable the secret in all of them (or add a secret in mod_jk
> > and Tomcat).
> > I would understand that for a new major version 10.x but not in the
> > lifecycle of an existing major version.
> Hi,
> I second those questions.
> We also have many tomcat instances behind Apache HTTPD, most of them are
> not the same server.
> It is my understanding that the new default listening behavior on the
> loopback address would break our installation, as the AJP connector
> would no longer be reachable to our remote Apache HTTP server. It would
> requires that we update all our tomcat's server.xml configuration to
> explicitely listen to an additional address by specifying the "address"
> attribute of the AJP connector.
> Am I correct ? Why such a change ? Why no bugzilla issue for proper
> tracking and context ?
> What are your recommendations regarding AJP connector configuration ?

It is obviously best to keep default configurations as stable as possible.
But sometimes things have to change ... As a result, you'll indeed need to
adjust your server.xml according to your deployment and AJP usage.

The documentation for the new attributes and updated defaults is here:


Reply via email to