Disable AJP connector by default

conf/server.xml

@@ -113,8 +113,9 @@
     -->
 
     <!-- Define an AJP 1.3 Connector on port 8009 -->
+    <!--
     <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
-
+    -->
 
     <!-- An Engine represents the entry point (within Catalina) that processes
          every request.  The Engine implementation for Tomcat stand alone

res/tomcat.nsi

@@ -53,7 +53,6 @@ Var Arch
 Var ResetInstDir
 Var TomcatPortShutdown
 Var TomcatPortHttp
-Var TomcatPortAjp
 Var TomcatMenuEntriesEnable
 Var TomcatShortcutAllUsers
 Var TomcatServiceName
@@ -70,7 +69,6 @@ Var TomcatAdminRoles
 Var CtlJavaHome
 Var CtlTomcatPortShutdown
 Var CtlTomcatPortHttp
-Var CtlTomcatPortAjp
 Var CtlTomcatServiceName
 Var CtlTomcatShortcutAllUsers
 Var CtlTomcatAdminUsername
@@ -135,7 +133,6 @@ Var ServiceInstallLog
   LangString TEXT_JVM_LABEL1 ${LANG_ENGLISH} "Please select the path of a Java @MIN_JAVA_VERSION@ or later JRE installed on your system."
   LangString TEXT_CONF_LABEL_PORT_SHUTDOWN ${LANG_ENGLISH} "Server Shutdown Port"
   LangString TEXT_CONF_LABEL_PORT_HTTP ${LANG_ENGLISH} "HTTP/1.1 Connector Port"
-  LangString TEXT_CONF_LABEL_PORT_AJP ${LANG_ENGLISH} "AJP/1.3 Connector Port"
   LangString TEXT_CONF_LABEL_SERVICE_NAME ${LANG_ENGLISH} "Windows Service Name"
   LangString TEXT_CONF_LABEL_SHORTCUT_ALL_USERS ${LANG_ENGLISH} "Create shortcuts for all users"
   LangString TEXT_CONF_LABEL_ADMIN ${LANG_ENGLISH} "Tomcat Administrator Login (optional)"
@@ -459,7 +456,6 @@ Function .onInit
   StrCpy $JavaHome ""
   StrCpy $TomcatPortShutdown "-1"
   StrCpy $TomcatPortHttp "8080"
-  StrCpy $TomcatPortAjp "8009"
   StrCpy $TomcatMenuEntriesEnable "0"
   StrCpy $TomcatShortcutAllUsers "0"
   StrCpy $TomcatServiceDefaultName "Tomcat@VERSION_MAJOR@"
@@ -477,7 +473,6 @@ Function .onInit
      ${ReadFromConfigIni} $JavaHome "JavaHome" $R2
      ${ReadFromConfigIni} $TomcatPortShutdown "TomcatPortShutdown" $R2
      ${ReadFromConfigIni} $TomcatPortHttp "TomcatPortHttp" $R2
-     ${ReadFromConfigIni} $TomcatPortAjp "TomcatPortAjp" $R2
      ${ReadFromConfigIni} $TomcatMenuEntriesEnable "TomcatMenuEntriesEnable" $R2
      ${ReadFromConfigIni} $TomcatShortcutAllUsers "TomcatShortcutAllUsers" $R2
      ${ReadFromConfigIni} $TomcatServiceDefaultName "TomcatServiceDefaultName" $R2
@@ -603,13 +598,6 @@ Function pageConfiguration
   Pop $CtlTomcatPortHttp
   ${NSD_SetTextLimit} $CtlTomcatPortHttp 5
 
-  ${NSD_CreateLabel} 0 36u 100u 14u "$(TEXT_CONF_LABEL_PORT_AJP)"
-  Pop $R0
-
-  ${NSD_CreateText} 150u 34u 50u 12u "$TomcatPortAjp"
-  Pop $CtlTomcatPortAjp
-  ${NSD_SetTextLimit} $CtlTomcatPortAjp 5
-
   ${NSD_CreateLabel} 0 57u 140u 14u "$(TEXT_CONF_LABEL_SERVICE_NAME)"
   Pop $R0
 
@@ -647,7 +635,6 @@ FunctionEnd
 Function pageConfigurationLeave
   ${NSD_GetText} $CtlTomcatPortShutdown $TomcatPortShutdown
   ${NSD_GetText} $CtlTomcatPortHttp $TomcatPortHttp
-  ${NSD_GetText} $CtlTomcatPortAjp $TomcatPortAjp
   ${NSD_GetText} $CtlTomcatServiceName $TomcatServiceName
   ${If} $TomcatMenuEntriesEnable == "1"
     ${NSD_GetState} $CtlTomcatShortcutAllUsers $TomcatShortcutAllUsers
@@ -670,12 +657,6 @@ Function pageConfigurationLeave
     Goto exit
   ${EndIf}
 
-  ${If} $TomcatPortAjp == ""
-    MessageBox MB_ICONEXCLAMATION|MB_OK 'The AJP port may not be empty'
-    Abort "Config not right"
-    Goto exit
-  ${EndIf}
-
   ${If} $TomcatServiceName == ""
     MessageBox MB_ICONEXCLAMATION|MB_OK 'The Service Name may not be empty'
     Abort "Config not right"
@@ -1064,7 +1045,6 @@ Function configure
     IfErrors SERVER_XML_LEAVELOOP
     ${StrRep} $R4 $R3 "8005" "$TomcatPortShutdown"
     ${StrRep} $R3 $R4 "8080" "$TomcatPortHttp"
-    ${StrRep} $R4 $R3 "8009" "$TomcatPortAjp"
     FileWrite $R2 $R4
   Goto SERVER_XML_LOOP
   SERVER_XML_LEAVELOOP:
@@ -1082,7 +1062,6 @@ Function configure
 
   DetailPrint 'Server shutdown listener configured on port "$TomcatPortShutdown"'
   DetailPrint 'HTTP/1.1 Connector configured on port "$TomcatPortHttp"'
-  DetailPrint 'AJP/1.3 Connector configured on port "$TomcatPortAjp"'
   DetailPrint "server.xml written"
 
   StrCpy $R5 ''

webapps/docs/changelog.xml

@@ -174,6 +174,10 @@
         to <code>rejectIllegalHeader</code> and expand the underlying
         implementation to include header values as well as names. (markt)
       </fix>
+      <update>
+        Disable (comment out in server.xml) the AJP/1.3 connector by default.
+        (markt)
+      </update>
     </changelog>
   </subsection>
   <subsection name="Jasper">

webapps/docs/manager-howto.xml

@@ -918,8 +918,6 @@ currently configured for each virtual host.</p>
 <source>OK - Connector / Trusted Certificate information
 Connector[HTTP/1.1-8080]
 SSL is not enabled for this connector
-Connector[AJP/1.3-8009]
-SSL is not enabled for this connector
 Connector[HTTP/1.1-8443]-_default_
 [
 [

webapps/docs/security-howto.xml

@@ -246,12 +246,12 @@
     </subsection>
 
     <subsection name="Connectors">
-      <p>By default, an HTTP and an AJP connector are configured. Connectors
-      that will not be used should be removed from server.xml.</p>
+      <p>By default, a non-TLS, HTTP/1.1 connector is configured on port 8080.
+      Connectors that will not be used should be removed from server.xml.</p>
 
       <p>The <strong>address</strong> attribute may be used to control which IP
-      address the connector listens on for connections. By default, the
-      connector listens on all configured IP addresses.</p>
+      address a connector listens on for connections. By default, a connector
+      listens on all configured IP addresses.</p>
 
       <p>The <strong>allowTrace</strong> attribute may be used to enable TRACE
       requests which can be useful for debugging. Due to the way some browsers

webapps/docs/setup.xml

@@ -85,7 +85,6 @@
             <li>JavaHome</li>
             <li>TomcatPortShutdown</li>
             <li>TomcatPortHttp</li>
-            <li>TomcatPortAjp</li>
             <li>TomcatMenuEntriesEnable</li>
             <li>TomcatShortcutAllUsers</li>
             <li>TomcatServiceDefaultName</li>