1
<html><head><META http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><title>Tomcat Connector - AJPv13 extensions Proposal</title><meta value="Henri Gomez" name="author"><meta value="hgomez@apache.org" name="email"><link rel="stylesheet" type="text/css" href="../style.css"></head><body vlink="#525D76" alink="#525D76" link="#525D76" text="#000000" bgcolor="#ffffff"><table cellspacing="4" width="100%" border="0"><!--PAGE HEADER--><tr><td colspan="2"><!--TOMCAT LOGO--><a href="http://tomcat.apache.org/"><img border="0" alt="Apache Tomcat" align="left" src="../images/tomcat.gif"></a><!--APACHE LOGO--><a href="http://www.apache.org/"><img border="0" alt="Apache Logo" align="right" src="http://www.apache.org/images/asf-logo.gif"></a></td></tr><!--HEADER SEPARATOR--><tr><td colspan="2"><hr size="1" noshade="noshade"></td></tr><tr><!--LEFT SIDE NAVIGATION--><td nowrap="true" valign="top" width="20%"><p><strong>Links</strong></p><ul><li><a href="../index.html">Docs Home</a></li></ul><p><strong>AJP Protocol</strong></p><ul><li><a href="ajpv13a.html">AJPv13</a></li><li><a href="ajpv13ext.html">AJPv13 extension Proposal</a></li></ul></td><!--RIGHT SIDE MAIN BODY--><td align="left" valign="top" width="80%"><table cellspacing="4" width="100%" border="0"><tr><td valign="top" align="left"><h1>Tomcat Connector</h1><h2>AJPv13 extensions Proposal</h2></td><td nowrap="true" valign="top" align="right"><small><a href="printer/ajpv13ext.html"><img alt="Printer Friendly Version" border="0" src="../images/printer.gif"><br>print-friendly<br>version
2
</a></small></td></tr></table><table width="100%" cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#525D76"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Introduction"><strong>Introduction</strong></a></font></td></tr><tr><td><blockquote>
4
This document is a proposal of evolution of the current
5
Apache JServ Protocol version 1.3, also known as ajp13.
6
I'll not cover here the full protocol but only the add-on from ajp13.
8
This nth pass include comments from the tomcat-dev list and
9
misses discovered during developpment.
11
<table width="100%" cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Missing features in AJP13"><strong>Missing features in AJP13</strong></a></font></td></tr><tr><td><blockquote>
13
ajp13 is a good protocol to link a servlet engine like tomcat to a web server like Apache:
17
use persistants connections to avoid reconnect time at each request
20
encode many http commands to reduce stream size
23
send to servlet engine many info from web server (like SSL certs)
27
But ajp13 lacks support for :
31
security between web server and servlet engine.
32
Anybody can connect to an ajp13 port (no login mecanism used)
33
You could connect, for example with telnet, and keep the remote thread
34
up by not sending any data (no timeout in connection)
37
context information passed from servlet engine to web server.
38
Part of the configuration of JK, the web server connector, is to
39
indicate to the web server which URI to handle.
40
The mod_jk JkMount directive, told to web server which URI must be
41
forwarded to servlet engine.
42
A servlet engine allready knows which URI it handle and TC 3.3 is
43
allready capable to generate a config file for JK from the list
44
of available contexts.
47
state update of contexts from servlet engine to web server.
48
Big site with farm of Tomcat, like ISP and virtuals hosters,
49
may need to stop a context for admin purposes. In that case the front
50
web server must know that the context is currently down, to eventually
51
relay the request to another Tomcat
54
verify state of connection before sending request.
55
Actually JK send the request to the servlet engine and next wait
56
for the answer. But one of the beauty of the socket API, is you that
57
you could write() to a closed connection without any error reporting,
58
but a read() to a closed connection return you the error code.
63
</blockquote></td></tr></table>
65
<table width="100%" cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Proposed add-ons to AJP13"><strong>Proposed add-ons to AJP13</strong></a></font></td></tr><tr><td><blockquote>
67
Let's descrive here the features and add-on that could be added to AJP13.
68
Since this document is a proposal, a reasonable level of chaos must be expected at first.
69
Be sure that discussion on tomcat list will help clarify points, add
70
features but the current list seems to be a 'minimun vital'
75
Advanced login features at connect time
79
Basic authorisation system, where a shared secret key is
80
present in web server and servlet engine.
84
Basic protocol negociation, just to be sure that if functionnalities are added
85
to AJP13 in the future, current implementations will still works.
89
Clean handling of 'Unknown packets'
93
Extended env vars passed from web-server to servlet engine.
97
Add extra SSL informations needed by Servlet 2.3 API (like SSL_KEY_SIZE)
103
</blockquote></td></tr></table>
105
<table width="100%" cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Advanced login"><strong>Advanced login</strong></a></font></td></tr><tr><td><blockquote>
110
WEB-SERVER send LOGIN INIT CMD + NEGOCIATION DATA + WEB SERVER INFO
113
TOMCAT respond with LOGIN SEED CMD + RANDOM DATA
116
WEB-SERVER calculted the MD5 of RANDOM DATA+SECRET DATA
119
WEB-SERVER send LOGIN COMP CMD + MD5 (SECRET DATA + RANDOM DATA)
122
TOMCAT respond with LOGIN STATUS CMD + NEGOCIED DATA + SERVLET ENGINE INFO
126
To prevent DOS attack, the servlet engine will wait
127
the LOGIN CMD only 15/30 seconds and reports the
128
timeout exception for admins investigation.
130
The login command will contains basic protocol
131
negociation information like compressing ability,
132
crypto, context info (at start up), context update at
133
run-time (up/down), level of SSL env vars, AJP protocol
134
level supported (level1/level2/level3...)
136
The Web server info will contain web server info and
137
connector name (ie Apache 1.3.26 + mod_ssl 2.8.8 + mod_jk 1.2.1 + mod_perl 1.25).
139
The servlet engine will mask the negociation mask with it's own
140
mask (what it can do) and return it when loggin is accepted.
142
This will help having a basic AJP13 implementation (level 1)
143
on a web-server working with a more advanced protocol handler on
144
the servlet engine side or vice-versa.
146
AJP13 was designed to be small and fast and so many
147
SSL informations present in the web-server are not
148
forwarded to the servlet engine.
150
We add here four negociations flags to provide more
151
informations on client SSL data (certs), server SSL datas,
152
crypto used, and misc datas (timeout...).
154
</blockquote></td></tr></table>
156
<table width="100%" cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Messages Stream"><strong>Messages Stream</strong></a></font></td></tr><tr><td><blockquote>
158
<div class="example"><pre>
159
+----------------+------------------+-----------------+
160
| LOGIN INIT CMD | NEGOCIATION DATA | WEB SERVER INFO |
161
+----------------+------------------+-----------------+
163
+----------------+----------------+
164
| LOGIN SEED CMD | MD5 of entropy |
165
+----------------+----------------+
167
+----------------+----------------------------+
168
| LOGIN COMP CMD | MD5 of RANDOM + SECRET KEY |
169
+----------------+----------------------------+
171
+-----------+---------------+---------------------+
172
| LOGOK CMD | NEGOCIED DATA | SERVLET ENGINE INFO |
173
+-----------+---------------+---------------------+
175
+------------+--------------+
176
| LOGNOK CMD | FAILURE CODE |
177
+------------+--------------+
182
LOGIN INIT CMD, LOGIN SEED CMD, LOGIN COMP CMD, LOGOK CMD, LOGNOK CMD are 1 byte long.
185
MD5, MD5 of RANDOM + SECRET KEY are 32 chars long.
188
NEGOCIATION DATA, NEGOCIED DATA, FAILURE CODE are 32 bits long.
191
WEB SERVER INFO, SERVLET ENGINE INFO are CString.
195
The secret key will be set by a new propertie in
196
workers.properties : secretkey
197
<div class="example"><pre>
198
worker.ajp13.port=8009
199
worker.ajp13.host=localhost
200
worker.ajp13.type=ajp13
201
worker.ajp13.secretkey=myverysecretkey
204
</blockquote></td></tr></table>
206
<table width="100%" cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Shutdown feature"><strong>Shutdown feature</strong></a></font></td></tr><tr><td><blockquote>
208
AJP13 miss a functionnality of AJP12, which is shutdown command.
209
A logout will tell servlet engine to shutdown itself.
210
<div class="example"><pre>
211
+--------------+----------------------------+
212
| SHUTDOWN CMD | MD5 of RANDOM + SECRET KEY |
213
+--------------+----------------------------+
219
+-------------+--------------+
220
| SHUTNOK CMD | FAILURE CODE |
221
+-------------+--------------+
226
SHUTDOWN CMD, SHUTOK CMD, SHUTNOK CMD are 1 byte long.
229
MD5 of RANDOM + SECRET KEY are 32 chars long.
232
FAILURE CODE is 32 bits long.
237
</blockquote></td></tr></table>
239
<table width="100%" cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Extended Env Vars feature"><strong>Extended Env Vars feature</strong></a></font></td></tr><tr><td><blockquote>
243
While working on AJP13 in JK, I really discovered "JkEnvVar".
244
The following "Extended Env Vars feature" description may not
245
be implemented in extended AJP13 since allready available in original
250
Many users will want to see some of their web-server env vars
251
passed to their servlet engine.
253
To reduce the network traffic, the web-servlet will send a
254
table to describing the external vars in a shorter fashion.
256
We'll use there a functionnality allready present in AJP13,
259
In the AJP13, we've got :
261
<div class="example"><pre>
262
AJP13_FORWARD_REQUEST :=
270
server_port (integer)
272
num_headers (integer)
273
request_headers *(req_header_name req_header_value)
275
?context (byte string)
276
?servlet_path (byte string)
277
?remote_user (byte string)
278
?auth_type (byte string)
279
?query_string (byte string)
280
?jvm_route (byte string)
281
?ssl_cert (byte string)
282
?ssl_cipher (byte string)
283
?ssl_session (byte string)
285
?attributes *(attribute_name attribute_value)
286
request_terminator (byte)
289
Using short 'web server attribute name' will reduce the
292
<div class="example"><pre>
293
+-------------------+---------------------------+-------------------------------+----+
294
| EXTENDED VARS CMD | WEB SERVER ATTRIBUTE NAME | SERVLET ENGINE ATTRIBUTE NAME | ES |
295
+-------------------+---------------------------+-------------------------------+----+
300
<div class="example"><pre>
301
JkExtVars S1 SSL_CLIENT_V_START javax.servlet.request.ssl_start_cert_date
302
JkExtVars S2 SSL_CLIENT_V_END javax.servlet.request.ssl_end_cert_date
303
JkExtVars S3 SSL_SESSION_ID javax.servlet.request.ssl_session_id
306
+-------------------+----+-------------------------------------------+
307
| EXTENDED VARS CMD | S1 | javax.servlet.request.ssl_start_cert_date |
308
+-------------------+----+-------------------------------------------+
309
+----+-----------------------------------------+
310
| S2 | javax.servlet.request.ssl_end_cert_date |
311
+----+-----------------------------------------+
312
+----+-----------------------------------------+
313
| S3 | javax.servlet.request.ssl_end_cert_date |
314
+----+-----------------------------------------+
317
During transmission in extended AJP13 we'll see attributes name
318
containing S1, S2, S3 and attributes values of
319
2001/01/03, 2002/01/03, 0123AFE56.
321
This example showed the use of extended SSL vars but
322
any 'personnal' web-server vars like custom authentification
323
vars could be reused in the servlet engine.
324
The cost will be only some more bytes in the AJP traffic.
328
EXTENDED VARS CMD is 1 byte long.
331
WEB SERVER ATTRIBUTE NAME, SERVLET ENGINE ATTRIBUTE NAME are CString.
334
ES is an empty CString.
339
</blockquote></td></tr></table>
341
<table width="100%" cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Context informations forwarding for Servlet engine to Web Server"><strong>Context informations forwarding for Servlet engine to Web Server</strong></a></font></td></tr><tr><td><blockquote>
343
Just after the LOGON PHASE, the web server will ask for the list of contexts
344
and URLs/URIs handled by the servlet engine.
345
It will ease installation in many sites, reduce questions about configuration
346
on tomcat-user list, and be ready for servlet API 2.3.
348
This mode will be activated by a new directive JkAutoMount
350
ie: JkAutoMount examples myworker1 /examples/
352
If we want to get ALL the contexts handled by the servlet engine, willcard
355
ie: JkAutoMount * myworker1 *
357
A servlet engine could have many contexts, /examples, /admin, /test.
358
We may want to use only some contexts for a given worker. It was
359
done previously, in apache HTTP server for example, by setting by
360
hand the JkMount accordingly in each [virtual] area of Apache.
362
If you web-server support virtual hosting, we'll forward also that
363
information to servlet engine which will only return contexts for
365
In that case the servlet engine will only return the URL/URI matching
366
these particular virtual server (defined in server.xml).
367
This feature will help ISP and big sites which mutualize large farm
368
of Tomcat in load-balancing configuration.
370
<div class="example"><pre>
371
+-----------------+-------------------+----------+----------+----+
372
| CONTEXT QRY CMD | VIRTUAL HOST NAME | CONTEXTA | CONTEXTB | ES |
373
+-----------------+-------------------+----------+----------+----+
375
+------------------+-------------------+----------+-------------------+----------+---------------+----+
376
| CONTEXT INFO CMD | VIRTUAL HOST NAME | CONTEXTA | URL1 URL2 URL3 ES | CONTEXTB | URL1 URL2 ... | ES |
377
+------------------+-------------------+----------+-------------------+----------+---------------+----+
380
We'll discover via context-query, the list of URL/MIMES handled by the remove servlet engine
381
for a list of contextes.
382
In wildcard mode, CONTEXTA will contains just '*'.
386
CONTEXT QRY CMD and CONTEXT INFO CMD are 1 byte long.
389
VIRTUAL HOST NAME is a CString, ie an array of chars terminated by a null byte (/0).
392
An empty string is just a null byte (/0).
395
ES is an empty CString. Indicate end of URI/URLs or end of CONTEXTs.
400
When VirtualMode is not to be used, the VIRTUAL HOST NAME is '*'.
401
In that case the servlet engine will send all contexts handled.
403
</blockquote></td></tr></table>
405
<table width="100%" cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Context informations updates from Servlet engine to Web Server"><strong>Context informations updates from Servlet engine to Web Server</strong></a></font></td></tr><tr><td><blockquote>
407
Context update are messages caming from the servlet engine each time a context
408
is desactivated/reactivated. The update will be in use when the directive JkUpdateMount.
409
This directive will set the AJP13_CONTEXT_UPDATE_NEG flag.
411
ie: JkUpdateMount myworker1
413
<div class="example"><pre>
414
+--------------------+-------------------+----------+--------+----------+--------+----+
415
| CONTEXT UPDATE CMD | VIRTUAL HOST NAME | CONTEXTA | STATUS | CONTEXTB | STATUS | ES |
416
+--------------------+-------------------+----------+--------+----------+--------+----+
421
CONTEXT UPDATE CMD, STATUS are 1 byte long.
424
VIRTUAL HOST NAME, CONTEXTS are CString.
427
ES is an empty CString. Indicate end of CONTEXTs.
432
When VirtualMode is not in use, the VIRTUAL HOST NAME is '*'.
433
STATUS is one byte indicating if context is UP/DOWN/INVALID
435
</blockquote></td></tr></table>
437
<table width="100%" cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Context status query to Servlet engine"><strong>Context status query to Servlet engine</strong></a></font></td></tr><tr><td><blockquote>
439
This query will be used by the web-server to determine if a given
440
contexts are UP, DOWN or INVALID (and should be removed).
442
<div class="example"><pre>
443
+-------------------+--------------------+----------+----------+----+
444
| CONTEXT STATE CMD | VIRTUAL HOST NAME | CONTEXTA | CONTEXTB | ES |
445
+-------------------+--------------------+----------+----------+----+
447
+-------------------------+-------------------+----------+--------+----------+--------+----+
448
| CONTEXT STATE REPLY CMD | VIRTUAL HOST NAME | CONTEXTA | STATUS | CONTEXTB | STATUS | ES |
449
+-------------------------+-------------------+----------+-------------------+--------+----+
454
CONTEXT STATE CMD, CONTEXT STATE REPLY CMD, STATUS are 1 byte long.
457
VIRTUAL HOST NAME, CONTEXTs are CString
460
ES is an empty CString
465
When VirtualMode is not in use, the VIRTUAL HOST NAME is an empty string.
467
</blockquote></td></tr></table>
469
<table width="100%" cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Handling of unknown packets"><strong>Handling of unknown packets</strong></a></font></td></tr><tr><td><blockquote>
471
Sometimes even with a well negocied protocol, we may be in a situation
472
where one end (web server or servlet engine), will receive a message it
473
couldn't understand. In that case the receiver will send an
474
'UNKNOW PACKET CMD' with attached the unhandled message.
476
<div class="example"><pre>
477
+--------------------+------------------------+-------------------+
478
| UNKNOWN PACKET CMD | UNHANDLED MESSAGE SIZE | UNHANDLED MESSAGE |
479
+--------------------+------------------------+-------------------+
482
Depending on the message, the sender will report an error and if
483
possible will try to forward the message to another endpoint.
487
UNKNOWN PACKET CMD is 1 byte long.
490
UNHANDLED MESSAGE SIZE is 16bits long.
493
UNHANDLED MESSAGE is an array of byte (length is contained in UNHANDLED MESSAGE SIZE)
498
added UNHANDLED MESSAGE SIZE (development)
500
</blockquote></td></tr></table>
502
<table width="100%" cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Verification of connection before sending request"><strong>Verification of connection before sending request</strong></a></font></td></tr><tr><td><blockquote>
504
NOTA: This fonctionality may never be used, since it may slow up the normal process
505
since requiring on the web-server side an extra IO (read) before forwarding
508
One of the beauty of socket APIs, is that you could write on a half closed socket.
509
When servlet engine close the socket, the web server will discover it only at the
510
next read() to the socket.
511
Basically, in the AJP13 protocol, the web server send the HTTP HEADER and HTTP BODY
512
(POST by chunk of 8K) to the servlet engine and then try to receive the reply.
513
If the connection was broken the web server will learn it only at receive time.
515
We could use a buffering scheme but what happen when you use the servlet engine
516
for upload operations with more than 8ko of datas ?
518
The hack in the AJP13 protocol is to add some bytes to read after the end of the
521
<div class="example"><pre>
522
EXAMPLE OF DISCUSSION BETWEEN WEB SERVER AND SERVLET ENGINE
524
AJP HTTP-HEADER (+ HTTP-POST) (WEB->SERVLET)
526
AJP HTTP-REPLY (SERVLET->WEB)
528
AJP END OF DISCUSSION (SERVLET->WEB)
530
---> AJP STATUS (SERVLET->WEB AJP13)
533
The AJP STATUS will not be read by the servlet engine at the end of
534
the request/response #N but at the begining of the next session.
536
More at that time the web server could also use OS dependants functions
537
(or better APR functions) to determine if there is also more data
538
to read. And that datas could be CONTEXT Updates.
540
This will avoid the web server sending a request to a
541
desactivated context. In that case, if the load-balancing is used,
542
it will search for another servlet engine to handle the request.
544
And that feature will help ISP and big sites with farm of tomcat,
545
to updates their servlet engine without any service interruption.
547
<div class="example"><pre>
548
+------------+-------------+
549
| STATUS CMD | STATUS DATA |
550
+------------+-------------+
555
STATUS CMD and STATUS DATA are one byte long.
559
</blockquote></td></tr></table>
561
</blockquote></td></tr></table><table width="100%" cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#525D76"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Conclusion"><strong>Conclusion</strong></a></font></td></tr><tr><td><blockquote>
563
The goal of the extended AJP13 protocol is to overcome some of the original AJP13 limitation.
564
An easier configuration, a better support for large site and farm of Tomcat,
565
a simple authentification system and provision for protocol updates.
567
Using the stable ajp13 implementation in JK (native) and in servlet
568
engine (java), it's a reasonable evolution of the well known ajp13.
570
</blockquote></td></tr></table><table width="100%" cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#525D76"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Commands and IDs in extended AJP13 Index"><strong>Commands and IDs in extended AJP13 Index</strong></a></font></td></tr><tr><td><blockquote>
572
Index of Commands and ID to be added in AJP13 Protocol
575
<table width="100%" cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Commands IDs"><strong>Commands IDs</strong></a></font></td></tr><tr><td><blockquote>
578
<tr><th>Command Name</th><th>Command Number</th></tr>
579
<tr><td>AJP13_LOGINIT_CMD</td><td>0x10</td></tr>
580
<tr><td>AJP13_LOGSEED_CMD</td><td>0x11</td></tr>
581
<tr><td>AJP13_LOGCOMP_CMD</td><td>0x12</td></tr>
582
<tr><td>AJP13_LOGOK_CMD</td><td>0x13</td></tr>
583
<tr><td>AJP13_LOGNOK_CMD</td><td>0x14</td></tr>
584
<tr><td>AJP13_CONTEXT_QRY_CMD</td><td>0x15</td></tr>
585
<tr><td>AJP13_CONTEXT_INFO_CMD</td><td>0x16</td></tr>
586
<tr><td>AJP13_CONTEXT_UPDATE_CMD</td><td>0x17</td></tr>
587
<tr><td>AJP13_STATUS_CMD</td><td>0x18</td></tr>
588
<tr><td>AJP13_SHUTDOWN_CMD</td><td>0x19</td></tr>
589
<tr><td>AJP13_SHUTOK_CMD</td><td>0x1A</td></tr>
590
<tr><td>AJP13_SHUTNOK_CMD</td><td>0x1B</td></tr>
591
<tr><td>AJP13_CONTEXT_STATE_CMD</td><td>0x1C</td></tr>
592
<tr><td>AJP13_CONTEXT_STATE_REP_CMD</td><td>0x1D</td></tr>
593
<tr><td>AJP13_UNKNOW_PACKET_CMD</td><td>0x1E</td></tr>
597
</blockquote></td></tr></table>
599
<table width="100%" cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Negociations Flags"><strong>Negociations Flags</strong></a></font></td></tr><tr><td><blockquote>
602
<tr><th>Command Name</th><th>Number</th><th>Description</th></tr>
603
<tr><td>AJP13_CONTEXT_INFO_NEG</td><td>0x80000000</td><td>web-server want context info after login</td></tr>
604
<tr><td>AJP13_CONTEXT_UPDATE_NEG</td><td>0x40000000</td><td>web-server want context updates</td></tr>
605
<tr><td>AJP13_GZIP_STREAM_NEG</td><td>0x20000000</td><td>web-server want compressed stream</td></tr>
606
<tr><td>AJP13_DES56_STREAM_NEG</td><td>0x10000000</td><td>web-server want crypted DES56 stream with secret key</td></tr>
607
<tr><td>AJP13_SSL_VSERVER_NEG</td><td>0x08000000</td><td>Extended info on server SSL vars</td></tr>
608
<tr><td>AJP13_SSL_VCLIENT_NEG</td><td>0x04000000</td><td>Extended info on client SSL vars</td></tr>
609
<tr><td>AJP13_SSL_VCRYPTO_NEG</td><td>0x02000000</td><td>Extended info on crypto SSL vars</td></tr>
610
<tr><td>AJP13_SSL_VMISC_NEG</td><td>0x01000000</td><td>Extended info on misc SSL vars</td></tr>
616
<tr><th>Negociation ID</th><th>Number</th><th>Description</th></tr>
617
<tr><td>AJP13_PROTO_SUPPORT_AJPXX_NEG</td><td>0x00FF0000</td><td>mask of protocol supported</td></tr>
618
<tr><td>AJP13_PROTO_SUPPORT_AJP13L1_NEG</td><td>0x00010000</td><td>communication could use AJP13 Level 1</td></tr>
619
<tr><td>AJP13_PROTO_SUPPORT_AJP13L2_NEG</td><td>0x00020000</td><td>communication could use AJP13 Level 2</td></tr>
620
<tr><td>AJP13_PROTO_SUPPORT_AJP13L3_NEG</td><td>0x00040000</td><td>communication could use AJP13 Level 3</td></tr>
624
All others flags must be set to 0 since they are reserved for future use.
627
</blockquote></td></tr></table>
629
<table width="100%" cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Failure IDs"><strong>Failure IDs</strong></a></font></td></tr><tr><td><blockquote>
632
<tr><th>Failure Id</th><th>Number</th></tr>
633
<tr><td>AJP13_BAD_KEY_ERR</td><td>0xFFFFFFFF</td></tr>
634
<tr><td>AJP13_ENGINE_DOWN_ERR</td><td>0xFFFFFFFE</td></tr>
635
<tr><td>AJP13_RETRY_LATER_ERR</td><td>0xFFFFFFFD</td></tr>
636
<tr><td>AJP13_SHUT_AUTHOR_FAILED_ERR</td><td>0xFFFFFFFC</td></tr>
639
</blockquote></td></tr></table>
641
<table width="100%" cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Status"><strong>Status</strong></a></font></td></tr><tr><td><blockquote>
644
<tr><th>Failure Id</th><th>Number</th></tr>
645
<tr><td>AJP13_CONTEXT_DOWN</td><td>0x01</td></tr>
646
<tr><td>AJP13_CONTEXT_UP</td><td>0x02</td></tr>
647
<tr><td>AJP13_CONTEXT_OK</td><td>0x03</td></tr>
650
</blockquote></td></tr></table>
652
</blockquote></td></tr></table></td></tr><!--FOOTER SEPARATOR--><tr><td colspan="2"><hr size="1" noshade="noshade"></td></tr><!--PAGE FOOTER--><tr><td colspan="2"><div align="center"><font size="-1" color="#525D76"><em>
653
Copyright © 1999-2005, Apache Software Foundation
654
</em></font></div></td></tr></table></body></html>
b'\\ No newline at end of file'