Websocket with apache mod_proxy_wstunnel to tomcat with javax.servlet.request.X509Certificate
Question
This is my Situation:
Browser<---HTTPS/WSS--->Apache-httpd<---HTTP/WS--->Tomcat(v7)
Is it possible to get the javax.servlet.request.X509Certificate in a Servlet Filter using mod_proxy_wstunnel reverse proxy? Thats my config:
ProxyPass /ws ws://space4-20.<***>.ch:8080/ws nofailover=On ProxyPassReverse /ws ws://space4-20.<***>.ch:8080/ws ProxyPass / ajp://space4-20.<***>:8009/ nofailover=On ProxyPassReverse / ajp://space4-20.<***>:8009/
If i connect directly to the tomcat(without apache) i can access it like this:
request.getAttribute("javax.servlet.request.X509Certificate");
But with the reverse proxy i don't have any attributes. Is it maybe because between the apache and the tomcat there is no SSL? But as I understood this doesn't matter, because if I do a normal HTTPS request i get all the SSL Information in the tomcat. I think thats because I have this:
SSLOptions +StdEnvVars +ExportCertData
But I think mod_proxy_wstunnel doesn't use that config.
Can somebody help me? Thank you in advance!
1 answers
solution1
0 2017-10-07 18:48:04
It IS because between the apache and the tomcat there is no SSL. For "normal" HTTPS, you are using AJP instead of HTTP. AJP pass authentication information to Tomcat.
Your "situation" really is: Browser<---HTTPS/WSS--->Apache-httpd<--- AJP /WS--->Tomcat(v7)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.