Sure! This is getting personal... ;-) Apache and Tomcat will not be my
friends anymore! :-D

Well, I'll try to be a little exhaustive just because sometimes I miss
something that is the real point of the question.

Let's go.

My target is an Apache + Tomcat integration using JK2.

Software!
  Redhat 9.0
  Apache 2.0.47 with modssl.
  Tomcat 5.0.16.
  JK2 2.0.2


This is what I have done:

  1. Install apache properly. Configuration is in /etc/httpd
  2. Install tomcat properly. /opt/jakarta-tomcat-5.0.16
  3. Compile JK2 2.0.2 from jakarta-connectors because there is a bug
in the sources of tomcat that avoid recursivity in mappings like
/your_webapp/*
  4. Configuration.
 

In httpd.conf I have added these lines:
#******************************
LoadModule jk2_module modules/mod_jk2.so
#******************************

My workers2.properties looks like this (/etc/httpd/workers2.properties)

[logger]
level=DEBUG

[config:]
file=/etc/httpd/conf/workers2.properties
debug=1
debugEnv=1

[uriMap:]
info=Maps the requests. Options: debug
debug=1

# Alternate file logger
[logger.file:0]
level=DEBUG
file=/var/log/httpd/jk2.log

[shm:]
info=Scoreboard. Required for reconfiguration and status with
multiprocess servers
file=/var/run/jk2.shm
size=1000000
debug=0
disabled=0

[workerEnv:]
info=Global server options
timing=1
debug=1
# Default Native Logger (apache2 or win32 )
# can be overriden to a file logger, useful
# when tracing win32 related issues
logger=logger.file:0

[channel.socket:127.0.0.1:8009]
info=Ajp13 forwarding over socket
debug=1
tomcatId=127.0.0.1:8009

[ajp13:127.0.0.1:8009]
channel=channel.socket:127.0.0.1:8009

[status:status]
info=Status worker, displays runtime informations

[vm:]
info=Parameters used to load a JVM in the server process
#JVM=C:\jdk\jre\bin\hotspot\jvm.dll
OPT=-Djava.class.path=${TOMCAT_HOME}/lib/tomcat-jni.jar;${TOMCAT_HOME}/server/lib/commons-logging.jar
OPT=-Dtomcat.home=${TOMCAT_HOME}
OPT=-Dcatalina.home=${TOMCAT_HOME}
OPT=-Xmx128M
#OPT=-Djava.compiler=NONE
disabled=1

[uri:/jkstatus/*]
info=Display status information and checks the config file for changes.
group=status:
worker=status:status

#*************************************************************************************

In tomcat, my jk2.properties looks like this

#**********************************************************************************************

handler.list=request,container,channelSocket

channelSocket.port=8009
channelSocket.address=127.0.0.1
channelSocket.maxPort=port+10


#**********************************************************************************************


And in server.xml the jk connector is configured as this:
#**********************************************************************************************
<Connector port="8009" protocol="AJP/1.3"
protocolHandlerClassName="org.apache.jk.server.JkCoyoteHandler"
redirectPort="8443">
  </Connector>
#**********************************************************************************************

In my ssl.conf the configuration is: (UserMan is my web application)
#**********************************************************************************************
<IfModule mod_jk2.c>
<Location /UserMan>
JkUriSet worker ajp13:127.0.0.1:8009
</Location>

<Location /admin>
JkUriSet worker ajp13:127.0.0.1:8009
</Location>

<Location /manager/html>
JkUriSet worker ajp13:127.0.0.1:8009
</Location>
</IfModule>
#**********************************************************************************************

I am using client authentication and everything goes fine. SSL
connection is OK and the server ask the web browser for a client
certificate. And my application is displayed properly! I am happy up to
this moment but...

What about asking for SSL parameters from my webapp?

I am doing something like this inside a JSP file:

String cipher = (String)request.getAttribute("javax.servlet.request.cipher_suite");

Integer keysize = (Integer)request.getAttribute("javax.servlet.request.key_size");

X509Certificate [] certs = (X509Certificate [])request.getAttribute("javax.servlet.request.X509Certificate");

String sessionId = (String)request.getAttribute("javax.servlet.request.ssl_session");

X509Certificate [] certs = (X509Certificate [])request.getAttribute("org.apache.coyote.request.X509Certificate");


I ALLWAYS GET NULL!

What more can I do? Is there anybody that had succeded doing this? What about developers?

Thanks in advance! And sorry for this long post, but...

Thanks again!










---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
For additional commands, e-mail: tomcat-user-help@(protected)