Hi, On Wed, Feb 19, 2020 at 9:34 AM Friderike Hofmeister < friderike.hofmeis...@mbsupport.de> wrote:
> Chris, > > strange, as I thought I specified secretRequired="false" and so don't need > any secret, but anyway: > that's it -- Thank you! > > Now without secret="" and without mod_jk everything works fine. > In this case do we need to check whether the secret is required at https://github.com/apache/tomcat/blob/81cfd2dc665db684b1fba0de5af4d08102dc50fb/java/org/apache/coyote/ajp/AjpProcessor.java#L844-L849 before setting the error status ? mod_proxy sends a secret but Tomcat is configured to not use/require it > > Regards, > Friderike Hofmeister > > > > > Christopher Schultz <ch...@christopherschultz.net> hat am 18. Februar > 2020 17:07 geschrieben: > > > > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA256 > > > > Friderike, > > > > On 2/18/20 07:36, Friderike Hofmeister wrote: > > > for our application we have to use the AJP protocol and so I > > > understand with Tomcat 8.5.51 we have to configure the AJP > > > connector as follows: > > > > > > <Connector port="8009" protocol="AJP/1.3" address="127.0.0.1" > > > redirectPort="8443" secretRequired="false" secret="" /> > > > > You don't want secret="", which is different than leaving it unset. > > Setting it to "" means it's set to an empty string. > > > > I think you just want to remove the "secret" attribute altogether. > > > > > With this browser error message changed to "403 -- Der Server hat > > > die Anfrage verstanden, verbietet aber eine Autoriesierung." > > Are there any other specific error messages in the logs? > > > > - -chris > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
