diff -up ./java/org/apache/coyote/ajp/AbstractAjpProtocol.java.orig ./java/org/apache/coyote/ajp/AbstractAjpProtocol.java
--- ./java/org/apache/coyote/ajp/AbstractAjpProtocol.java.orig 2020-04-22 15:31:12.889587528 -0400
+++ ./java/org/apache/coyote/ajp/AbstractAjpProtocol.java 2020-04-22 15:31:37.907534419 -0400
@@ -16,7 +16,6 @@
*/
package org.apache.coyote.ajp;
-import java.net.InetAddress;
import java.util.regex.Pattern;
import org.apache.coyote.AbstractProtocol;
@@ -49,8 +48,6 @@ public abstract class AbstractAjpProtoco
setConnectionTimeout(Constants.DEFAULT_CONNECTION_TIMEOUT);
// AJP does not use Send File
getEndpoint().setUseSendfile(false);
- // AJP listens on loopback by default
- getEndpoint().setAddress(InetAddress.getLoopbackAddress());
ConnectionHandler<S> cHandler = new ConnectionHandler<>(this);
setHandler(cHandler);
getEndpoint().setHandler(cHandler);
@@ -180,7 +177,7 @@ public abstract class AbstractAjpProtoco
}
- private boolean secretRequired = true;
+ private boolean secretRequired = false;
public void setSecretRequired(boolean secretRequired) {
this.secretRequired = secretRequired;
}
diff -up ./webapps/docs/changelog.xml.orig ./webapps/docs/changelog.xml
--- ./webapps/docs/changelog.xml.orig 2020-04-03 08:12:03.000000000 -0400
+++ ./webapps/docs/changelog.xml 2020-04-22 15:31:37.911534411 -0400
@@ -526,14 +526,10 @@
Disable (comment out in server.xml) the AJP/1.3 connector by default.
(markt)
</update>
- <update>
- Change the default bind address for the AJP/1.3 connector to be the
- loopback address. (markt)
- </update>
<add>
Rename the <code>requiredSecret</code> attribute of the AJP/1.3
Connector to <code>secret</code> and add a new attribute
- <code>secretRequired</code> that defaults to <code>true</code>. When
+ <code>secretRequired</code> that defaults to <code>false</code>. When
<code>secretRequired</code> is <code>true</code> the AJP/1.3 Connector
will not start unless the <code>secret</code> attribute is configured to
a non-null, non-zero length String. (markt)
diff -up ./webapps/docs/config/ajp.xml.orig ./webapps/docs/config/ajp.xml
--- ./webapps/docs/config/ajp.xml.orig 2020-04-22 15:31:37.913534406 -0400
+++ ./webapps/docs/config/ajp.xml 2020-04-22 15:35:35.003031090 -0400
@@ -327,7 +327,9 @@
<attribute name="address" required="false">
<p>For servers with more than one IP address, this attribute specifies
which address will be used for listening on the specified port. By
- default, the connector will listen on the loopback address. Unless the JVM
+ default, this port will be used on all IP addresses associated with the
+ server. A value of <code>127.0.0.1</code> indicates that the Connector
+ will only listen on the loopback interface. Unless the JVM
is configured otherwise using system properties, the Java based connectors
(NIO, NIO2) will listen on both IPv4 and IPv6 addresses when configured
with either <code>0.0.0.0</code> or <code>::</code>. The APR/native
@@ -500,7 +502,7 @@
the <strong>secret</strong> attribute is required to be specified for the
AJP Connector to start. It <strong>does not</strong> control whether
workers are required to provide the secret. The default value is
- <code>true</code>. This attribute should only be set to <code>false</code>
+ <code>false</code>. This attribute should only be set to <code>false</code>
when the Connector is used on a trusted network.</p>
</attribute>