AJP connector doesn't work

[cbeach47]

Describe the bug
In oEQ 2020.1.0, the AJP connector won't connect properly to web server requests.

To Reproduce
Steps to reproduce the behavior:

1. Setup oEQ 2020.1.0 with AJP
2. Setup Apache2 via AJP to oEQ's Tomcat
3. Try to access oEQ via Apache2. Note error

Expected behavior
Apache should be able to service/forward requests onto Tomcat via AJP.

Platform:
Seen on:

• OpenEquella Version: 2020.1.0
• OS: CentOS & Ubuntu

[cbeach47]

Looks like the issue was due to a mis-named configuration - requiredSecret was the old way to disable the ajp secret requirement, and should now be secretRequired.

Since I'm already in this area of the code, I'm confirming the ability to add ajp.secret to the connector.

[edalex-ian]

Thanks @cbeach47 👍

[cathfitz]

@cbeach47 do you have a fix date in mind for this? - we have a couple of hotfixes awaiting this fix.

[cathfitz]

@cbeach47 any update on this fix?

[cbeach47]

Sry for the delay @cathfitz - I'll get something out shortly.

[cbeach47]

@cathfitz PR is now opened.

Test setup:
httpd oeq.conf:

<VirtualHost *:80>
	ServerName your-domain-or-ip
	ErrorLog /var/log/apache2/ajp.error.log
	CustomLog /var/log/apache2/ajp.log combined
	<Proxy *>
		AddDefaultCharset Off
		Order deny,allow
		Allow from all
	</Proxy>
ProxyPreserveHost On
    
	ProxyPass / ajp://127.0.0.1:8479/ nocanon
	ProxyPassReverse / ajp://127.0.0.1:8479/ nocanon
</VirtualHost>

oEQ mandatory-config.properties:

...
ajp.port = 8479
ajp.secret.required = false
...

[cbeach47]

This has been tested, and I think it's good to be back-ported with a quick test in the patch releases.

As this gets closer to 2020.2.0 release, as well as hopefully Apache will support ajp secrets, doing another quick test would be good.

[cathfitz]

Tested and good to go