----- "Martin Kuba" <makub@xxxxxxxxxxx> wrote:
> Hi all,
Hi Martin,
> no response so far, but I have figured it myself, the right directive
> is
Thank you for this post.
> RewriteRule .* - [E=AJP_SSL_CLIENT_S_DN:%{SSL:SSL_CLIENT_S_DN}]
>
> Cheers
>
> Martin
>
> Dne 12.1.2011 12:36, Martin Kuba napsal(a):
> > Hi all,
> >
> > I am trying to pass an arbitrary environment variable from Apache
> (2.2) to Tomcat (6.0)
> > using mod_proxy_ajp, but without success so far. Specifically I want
> to pass the
> > SSL_CLIENT_S_DN variable set by the mod_ssl.
> >
> > The manual page
> > http://httpd.apache.org/docs/2.2/mod/mod_proxy_ajp.html
> > says that
> >
> > "Environment variables whose names have the prefix AJP_ are
> forwarded to the origin server
> > as AJP request attributes (with the AJP_ prefix removed from the
> name of the key)."
> >
> > However I can't figure out how I can set such a variable. I have
> Googled up
> > several solutions, but none worked.
> >
> > SetEnv can assign only static strings as values, not variables.
> >
> > This directive:
> >
> > SetEnvIf SSL_CLIENT_S_DN (.*) AJP_SSL_CLIENT_S_DN=$1
IIRC, the problem is that SetEnvIf runs to late,
but I'm probably talking out of my ass.
> > sets empty string.
> >
> > Using mod_rewrite like
> >
> > RewriteCond %{SSL_CLIENT_S_DN} (.*)
> > RewriteRule .* - [E=AJP_SSL_CLIENT_S_DN:%1]
> >
> > or
> >
> > RewriteCond %{SSL_CLIENT_S_DN} (.*)
> > RewriteRule .* - [E=AJP_SSL_CLIENT_S_DN:%{SSL_CLIENT_S_DN}]
> >
> > does not work either.
> >
> > I have even tried
> >
> > RequestHeader set X-SSL-DN "%{SSL_CLIENT_S_DN}e"
> > SetEnvIf X-SSL-DN (.*) AJP_SSL_CLIENT_S_DN=$1
> >
> > but only the header X-SSL-DN is set, not the AJP_SSL_CLIENT_S_DN
> variable.
> >
> > It looks like the SSL_CLIENT_S_DN is not present in the time when
> the RewriteRule
> > or SetEnvIf directives are processed.
> >
> >
> > I know that I can use mod_jk instead of mod_proxy_ajp, and it
> provides the directive
> >
> > JkEnvVar SSL_CLIENT_S_DN
> >
> > which is exactly what I need. However I wonder why the mod_proxy_ajp
> documentation
> > mentions the AJP_ prefixed variables when it is impossible to set
> them.
> >
> > Or why the mod_proxy_ajp dpes not provide a directive similar to the
> JkEnvVar directive of mod_jk.
> >
> > Best regards
> >
> > Martin
>
>
> --
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Supercomputing Center Brno Martin Kuba
> Institute of Computer Science email: makub@xxxxxxxxxxx
> Masaryk University http://www.ics.muni.cz/~makub/
> Botanicka 68a, 60200 Brno, CZ mobil: +420-603-533775
> --------------------------------------------------------------
i
--
Igor GaliÄ
Tel: +43 (0) 664 886 22 883
Mail: i.galic@xxxxxxxxxxxxxx
URL: http://brainsware.org/
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|