使用 httpd(apache)通过 AJP 连接到 tomcat 时出现 403 禁止错误

tag-icon tag-icon apache-2.4 mod-jk ajp tomcat9
使用 httpd(apache)通过 AJP 连接到 tomcat 时出现 403 禁止错误

我开始有点绝望了,因为我尝试了很多解决方案,但都不起作用。当我尝试通过 httpd 服务器(用作负载均衡器)访问我的 apache Tomcat 服务器时,我得到了 403 Forbidden 错误,而我可以直接访问 Tomcat。

使用:apache httpd 2.4.57 mod_jk 1.49 -(连接到 tomcat)Tomcat 9.0.6 两台服务器都是 Rhel9.2

mod_jk.log 想法:

AJP13 protocol: Reuse is set to false

当我将日志记录切换为调试时:

[Tue Mar 05 11:40:46 2024] [ZecEvlLNAdbkYeD1ZVBPVQAAAAM] [1081073:139915513611840] [warn] ajp_process_callback::jk_ajp_common.c (2195): (imsWorker) AJP13 protocol: Reuse is set to false
[Tue Mar 05 11:40:46 2024] [ZecEvlLNAdbkYeD1ZVBPVQAAAAM] [1081073:139915513611840] [debug] ajp_reset_endpoint::jk_ajp_common.c (874): (imsWorker) resetting endpoint with socket 31 (socket shutdown)
[Tue Mar 05 11:40:46 2024] [ZecEvlLNAdbkYeD1ZVBPVQAAAAM] [1081073:139915513611840] [debug] ajp_abort_endpoint::jk_ajp_common.c (844): (imsWorker) aborting endpoint with socket 31
[Tue Mar 05 11:40:46 2024] [ZecEvlLNAdbkYeD1ZVBPVQAAAAM] [1081073:139915513611840] [debug] jk_shutdown_socket::jk_connect.c (933): About to shutdown socket 31 [172.10.2.36:38684 -> 172.10.2.52:8009]
[Tue Mar 05 11:40:46 2024] [ZecEvlLNAdbkYeD1ZVBPVQAAAAM] [1081073:139915513611840] [debug] jk_is_input_event::jk_connect.c (1414): error event during poll on socket 31 [errno=107] (event=16)
[Tue Mar 05 11:40:46 2024] [ZecEvlLNAdbkYeD1ZVBPVQAAAAM] [1081073:139915513611840] [debug] jk_shutdown_socket::jk_connect.c (1017): Shutdown socket 31 [172.10.2.36:38684 -> 172.10.2.52:8009] and read 0 lingering bytes in 0 sec.
[Tue Mar 05 11:40:46 2024] [ZecEvlLNAdbkYeD1ZVBPVQAAAAM] [1081073:139915513611840] [debug] ajp_done::jk_ajp_common.c (3411): recycling connection pool for worker imsWorker and socket -1
[Tue Mar 05 11:40:46 2024] [ZecEvlLNAdbkYeD1ZVBPVQAAAAM] [1081073:139915513611840] [debug] jk_handler::mod_jk.c (3009): Service finished with status=403 for worker=imsWorker

tomcat 服务器上的 AJP 连接器:

<Connector executor="tomcatThreadPool" port="8009" protocol="AJP/1.3" address="::" redirectPort="8443" secretRequired="true" secret="test147258369!" connectionTimeout="10000" allowedRequestAttributesPattern=".*" relaxedQueryChars="[]" />

Apache 机器上的 worker.properties:

worker.list=imsWorker
worker.imsWorker.type=ajp13
worker.imsWorker.host=172.10.2.52
worker.imsWorker.port=8009
wokrer.imsWorker.secret=test147258369!
worker.imsWorker.connect_timeout=10000
worker.imsWorker.prepost_timeout=10000
worker.imsWorker.socket_timeout=10
worker.imsWorker.connection_pool_timeout=60
worker.imsWorker.connection_pool_size=90
worker.imsWorker.retries=2
worker.imsWorker.reply_timeout=30000

我已经在安装了 RockyOs9.2 的不同机器上使用它了,没有遇到这个问题。非常感谢您的帮助。谢谢

我还尝试通过在 tomcat 上将 secretRequired 设置为 false 来禁用 secret,但问题仍然存在,所以我认为这与 secret 属性无关。

相关内容