On 14/02/2020 14:21, John Larsen wrote: > I apologize - coffee started to kick in. The address="::1" portion is > commented out. > > Will adding secret="false"? in the server.xml bypass this issue? > > <Connector protocol="AJP/1.3" port="8080" secret="false" > redirectPort="8443" />
That will give you an AJP connector that is only listening on the loopback interface. Mark > > Thanks, > > John Larsen > > On Fri, Feb 14, 2020 at 6:52 AM Mark Thomas <ma...@apache.org> wrote: > >> On 14/02/2020 13:45, John Larsen wrote: >>> Seems tomcat 9.0.31 has thrown me a curve and messed up my automation. >>> >>> Where can i understand this change better? >>> "Rename the requiredSecret attribute of the AJP/1.3 Connector to secret >> and >>> add a new attribute secretRequired that defaults to true. When >>> secretRequired is truethe AJP/1.3 Connector will not start unless the >> secret >>> attribute is configured to a non-null, non-zero length String. (markt)" >>> >>> Or can i just change this to false? What it its purpose? >> >> The purpose of that attribute is to stop you starting up Tomcat with an >> AJP connector that is open to the world without stopping to think first. >> >> AJP assumes all connecting clients are trusted. >> >> You need to make sure that, through the combination of AJP >> configuration, network configuratiom, etc. that this is the case. >> >> If you describe your particular use case, we people on this list should >> be able to provide you with recommended configuration options. >> >> Mark >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> >> > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
