I apologize - coffee started to kick in.  The address="::1"  portion is
commented out.

Will adding  secret="false"? in the server.xml bypass this issue?

<Connector protocol="AJP/1.3" port="8080" secret="false"
redirectPort="8443" />


John Larsen

On Fri, Feb 14, 2020 at 6:52 AM Mark Thomas <ma...@apache.org> wrote:

> On 14/02/2020 13:45, John Larsen wrote:
> > Seems tomcat 9.0.31 has thrown me a curve and messed up my automation.
> >
> > Where can i understand this change better?
> > "Rename the requiredSecret attribute of the AJP/1.3 Connector to secret
> and
> > add a new attribute secretRequired that defaults to true. When
> > secretRequired is truethe AJP/1.3 Connector will not start unless the
> secret
> >  attribute is configured to a non-null, non-zero length String. (markt)"
> >
> > Or can i just change this to false? What it its purpose?
> The purpose of that attribute is to stop you starting up Tomcat with an
> AJP connector that is open to the world without stopping to think first.
> AJP assumes all connecting clients are trusted.
> You need to make sure that, through the combination of AJP
> configuration, network configuratiom, etc. that this is the case.
> If you describe your particular use case, we people on this list should
> be able to provide you with recommended configuration options.
> Mark
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to