Re: Apache HTTPD (with SSL) + mod_jk + TomEE (Tomcat) nullify the ssl session id

Tue, 07 Jul 2015 01:29:57 -0700 

Hi Mark, SSL Session ID is not passed to Tomcat. You can see the logs here
https://gist.github.com/lordofthejars/226d8ed605f2a58b52f3 (I have created
a gist to not add here a lot of lines).

Now the question is is it happens because of mod_jk or because of Apache?
Alex.

El dl., 6 jul. 2015 a les 12:48, Mark Thomas (<ma...@apache.org>) va
escriure:

> On 06/07/2015 10:48, Alex Soto wrote:
> > Hello I have seen a strange behaviour in Apache HTTPD (2.4)  and TomEE
> (in
> > fact it is a Tomcat (7.0.61) so it is exactly the same for Tomcat) when I
> > configure Apache server with SSL and mod_jk.
> > In fact I am not sure where it is the problem if in mod_jk, in Apache
> > Server or in Tomcat, but I suspect that maybe the problem is on mod_jk
> > configuration.
> >
> > I am configuring the typical Apache as frontend and TomEE(Tomcat) as
> > backend solution. Currently Apache is configured with SSL and with mod_jk
> > it connects to TomEE using AJP. This works perfectly. The problem is that
> > inside my code I need to get the ssl session id:
> >
> > String ssl =
> >
> (String)servletRequest.getAttribute("javax.servlet.request.ssl_session_id");
> >
> > I don't know why but sometimes this attribute is null and sometimes not.
> It
> > may return a null at first then stay like 10 requests working and then
> stop
> > working again during some requests and the get attribute returns null.
> >
> > It seems that everything is configured correctly since sometimes works.
> > Have you ever found something similar or knows what it can be happening?
> Do
> > you think that maybe the problem is on client (browser) side?
> >
> > Everything is dockerized here:
> > https://github.com/lordofthejars/apache-tomee-ssl so you can review
> > configuration files of tomcat and apache or even run it.
> >
> > Thank you so much for your support.
>
> Try turning on debug logging for mod_jk. It will generate lots of data
> so just do it long enough to see the problem. When you look at the logs
> you should be able to see if the SSL Session ID is being passed to
> Tomcat or not.
>
> Mark
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>

Reply via email to