https://bz.apache.org/bugzilla/show_bug.cgi?id=59150
Bug ID: 59150
Summary: Add explicit flag to AprLifecycleListener to enable
autoconfiguration of sslImplementationName
Product: Tomcat 9
Version: 9.0.0.M3
Hardware: PC
Status: NEW
Severity: normal
Priority: P2
Component: Connectors
Assignee: dev@tomcat.apache.org
Reporter: knst.koli...@gmail.com
Continuing from my concern raised in "Tomcat 8.next" thread (Feb 2016)
>>
>> 2. The feature of auto-switching sslImplementationName with
>> availability of TCNative library needs better documentation. I suspect
>> that it may come as a surprise.
>>
>> There is documentation of sslImplementationName attribute on
>> config/http.html, but the attribute of AprLifecycleListener
>> (useAprConnector) is not documented at all.
>>
>
> It is supposed to be documented as of r1729644. OTOH, I'm not that good
> with that kind of thing, and maybe it is still confusing.
>
1) The "useAprConnector" attribute of AprLifecycleListener must be documented
in config/listeners.html
That attribute affects what connector implementation is auto-selected when
Connector protocol is specified as simple "HTTP/1.1" or "AJP/1.3". The value of
"false" means that the NIO implementation is used. The value of "true" means
that the implementation is either NIO or APR, depending on availability of
Tomcat-Native library.
Setting it to "false" disables autoselection of Connector protocol
implementation.
2) I think there needs to be similar attribute to control autoselection of
value of sslImplementationName for a HTTPS connector. With such attribute one
will be able to turn off that autoselection magic off.
I do not have a good name yet, though. Maybe "useOpensslJsseImplementation".
Motivation is that AprLifecycleListener can just be there to load the library.
A person may not need the autoselection feature. E.g. one can use two
explicitly configured APR and NIO connectors in parallel - the
AprLifecycleListener is used to load the library and nothing more is expected.
(Implementation pointer: the autoselection happens in
o.a.c.connector.Connector.initInternal(). See for "SslImplementationName"
there.)
Part 1) is a bug to be fixed (missing documentation for the attribute).
Part 2) is an enhancement request.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
