Bill Davidson wrote:
André Warnier wrote:
By the way, the reason why I can't try it right now is that I just
don't have the application to try it with. So whatever I mentioned
before (but which apprently so far seems ok) was purely by attempting
to understand the documentation. Beware.
I tried it today. I disabled my cookie hack and set JkExtractSSL to off.
It seems to work fine. Obviously, I want to do a lot more testing but
initially, it seems to look good.
There's a problem.
Unfortunately, we have a servlet in our app that calls request.isSecure()
to make sure that it's on a secure connection and because of
"JkExtractSSL off" it doesn't know whether it's on a secure connection
or not. request.isSecure() will always return false because mod_jk
no longer tells it anything about SSL.
So I'm back to hacking the cookie.
I really want to just get rid of httpd and run Tomcat standalone.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org