AJP connector on wasp probe doesn´t start (with secret passphrase enabled)

book

Article ID: 209361

calendar_today

Updated On:

Products

DX Infrastructure Management

Issue/Introduction

As per tomcat AJP documentation, we have the following:

https://tomcat.apache.org/tomcat-9.0-doc/config/ajp.html

secret
Only requests from workers with this secret keyword will be accepted. The default value is null. This attribute must be specified with a non-null, non-zero length value unless secretRequired is explicitly configured to be false. If this attribute is configured with a non-null, non-zero length value then the workers must provide a matching value else the request will be rejected irrespective of the setting of secretRequired.

secretRequired
If this attribute is true, the AJP Connector will only start if the secret attribute is configured with a non-null, non-zero length value. This attribute only controls whether the secret attribute is required to be specified for the AJP Connector to start. It does not control whether workers are required to provide the secret. The default value is true. This attribute should only be set to false when the Connector is used on a trusted network.

So, in order to enable the secretRequired for AJP connector in Operator Console's wasp probe, you have configured the wasp.cfg as below:

<ajp_connector>
    secretRequired = true
    secret = xxxxxx
    ajp_ip = xxx.xxx.xxx.xxx   
</ajp_connector>

However, in the wasp logs, we can see the connector was disabled/not able to start since the secretRequired parameter was set as "true":

--------
Feb 17 09:35:40:927 INFO  [main, com.nimsoft.nimbus.probe.service.wasp.Probe] AJP connector max threads 250
Feb 17 09:35:40:927 INFO  [main, com.nimsoft.nimbus.probe.service.wasp.Probe] AJP connector secret = xxxxxx
Feb 17 09:35:40:927 INFO  [main, com.nimsoft.nimbus.probe.service.wasp.Probe] AJP connector secretRequired = true
Feb 17 09:35:40:927 INFO  [main, com.nimsoft.nimbus.probe.service.wasp.Probe] AJP connector IP Address from CFG xxx.xxx.xxx.xxx
Feb 17 09:35:40:927 INFO  [main, com.nimsoft.nimbus.probe.service.wasp.Probe] IP used by Tomocat to Strat the AJP is: xxx.xxx.xxx.xxx
Feb 17 09:35:40:927 INFO  [main, com.nimsoft.nimbus.probe.service.wasp.Probe] AJP connector ajp_ip = xxx.xxx.xxx.xxx
Feb 17 09:35:40:927 INFO  [main, com.nimsoft.nimbus.probe.service.wasp.Probe] AJP connector disabled as SecretRequired is:  true
--------

Environment

Release : 20.3

Component : UIM - OPERATOR CONSOLE

Resolution

This is not a bug and the probe is working as designed. This feature was not implemented yet.

If you need this feature implemented, an enhancement request must be submitted by creating an idea in Broadcom Community. Link below:

https://community.broadcom.com/ideation/allideas

OBS: You must be logged in to create/view ideas.