请求对象中的tls属性为空

axzmvihb  于 2021-10-10  发布在  Java
关注(0)|答案(1)|浏览(386)

我们使用apache(2.4.41)Web服务器作为运行自实现负载平衡器的tomcat(8.5)的反向代理。ApacheWebServer负责前端tls工作,并通过ajp(mod_proxy_ajp)与tomcat进行对话。在负载平衡器中,我们使用request.getattributenames()计算请求属性。在一段时间内,会出现带有以下键的空请求属性:
org.apache.tomcat.util.net.secure\u协议\u版本
javax.servlet.request.key\u大小
javax.servlet.request.cipher\u套件
javax.servlet.request.ssl\u会话\u id
我阅读了文档和源代码,但不明白为什么这些空属性仍然存在于请求中。根据tomcat请求中getattributenames()的javadoc,大多数特定于tls的属性不应通过此方法获取:

  1. /**
  2. * Return the names of all request attributes for this Request, or an
  3. * empty <code>Enumeration</code> if there are none. Note that the attribute
  4. * names returned will only be those for the attributes set via
  5. * {@link #setAttribute(String, Object)}. Tomcat internal attributes will
  6. * not be included although they are accessible via
  7. * {@link #getAttribute(String)}. The Tomcat internal attributes include:
  8. * <ul>
  9. * <li>{@link Globals#DISPATCHER_TYPE_ATTR}</li>
  10. * <li>{@link Globals#DISPATCHER_REQUEST_PATH_ATTR}</li>
  11. * <li>{@link Globals#ASYNC_SUPPORTED_ATTR}</li>
  12. * <li>{@link Globals#CERTIFICATES_ATTR} (SSL connections only)</li>
  13. * <li>{@link Globals#CIPHER_SUITE_ATTR} (SSL connections only)</li>
  14. * <li>{@link Globals#KEY_SIZE_ATTR} (SSL connections only)</li>
  15. * <li>{@link Globals#SSL_SESSION_ID_ATTR} (SSL connections only)</li>
  16. * <li>{@link Globals#SSL_SESSION_MGR_ATTR} (SSL connections only)</li>
  17. * <li>{@link Globals#PARAMETER_PARSE_FAILED_ATTR}</li>
  18. * </ul>
  19. * The underlying connector may also expose request attributes. These all
  20. * have names starting with "org.apache.tomcat" and include:
  21. * <ul>
  22. * <li>{@link Globals#SENDFILE_SUPPORTED_ATTR}</li>
  23. * </ul>
  24. * Connector implementations may return some, all or none of these
  25. * attributes and may also support additional attributes.
  26. *
  27. * @return the attribute names enumeration
  28. */
  29. @Override
  30. public Enumeration<String> getAttributeNames() {

也许有些人能对此有所启发。提前谢谢!

kmynzznz

kmynzznz1#

javadoc并不完全正确:正如您在引用的源代码中所看到的, getAttributeNames 除非已调用,否则不会列出这些内部属性 getAttribute 对于其中一个:

  1. if (!sslAttributesParsed && TLSUtil.isTLSRequestAttribute(name)) {
  2. coyoteRequest.action(ActionCode.REQ_SSL_ATTRIBUTE, coyoteRequest);
  3. attr = coyoteRequest.getAttribute(Globals.CERTIFICATES_ATTR);
  4. if (attr != null) {
  5. attributes.put(Globals.CERTIFICATES_ATTR, attr);
  6. }
  7. attr = coyoteRequest.getAttribute(Globals.CIPHER_SUITE_ATTR);
  8. if (attr != null) {
  9. attributes.put(Globals.CIPHER_SUITE_ATTR, attr);
  10. }
  11. ...

相关问题