> On 5 Apr 2002, Eric Rescorla wrote: > > > "Remy Maucherat" <[EMAIL PROTECTED]> writes: > > > > On Fri, 5 Apr 2002, Remy Maucherat wrote: > > > > I have big doubts the code that calls getSocket() can even work with ajp > > > > or pureTLS or other things. Probably a good idea to find where it is and > > > > call the right thing ( like getAttribute for certs, etc ). > > > > > > I'm not sure about it, but it doesn't look like client-cert would work with > > > PureTLS. > > > Hmm... I need to dig into this. Why do you think it wouldn't? > > The way it works - the connector ( or protocol handler ) creates the > socket, using plain, jsse, pureTLS. And Remy is saying that some othe > valves are calling getSocket() and use the socket/JSSE to extract info ( > I assume using JSSE specific code). > > That is going to fail if PureTLS or Ajp are used. > > But I don't think we can do anything about it - the method must be > deprecated and the code that calls it must be changed to call the right > methods ( req.getAttribute() or similar ).
Yes, unfortunately, I don't see a way to make it work. > BTW, with the new protocol handler - I still haven't implemented the > ActionCode to support req.getAttribute. I need a way to pass information > up ( all existing ActionCode are passing info from connector to protocol, > and I need a way to return info ). > > After Remy reviews the o.a.t.util.handler.TcHandlerContext, I plan to > use the context as a second param in the ActionHook - and use notes to > pass/return all informations we need. I don't like this habit of allowing bad design to live forever. The Action* must go, and be replaced by the TcHandler. The Http11Protocol appears to be working fine with the new Catalina connector, with the exception of the note below. Note: I have a problem implementing getRemoteHost and getRemoteAddr. I don't think it can be done lazily. Remy -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
