Document toolboxDocument toolbox

Nexus Documentation
CURL vulnerability information (CVE-2023-38545) - Nexus awareness advisory on Microsoft's update KB5014754

Enable AJP Connector in Identity Manager

Owned by Ann Base (Deactivated)
Last updated: Feb 23, 2024 by Ylva AnderssonVersion comment
2 min read

This article is valid for Smart ID 21.04 and later.

This article describes how to enable the AJP Connector in Smart ID Identity Manager.

<SMARTIDHOME>

In this article, <SMARTIDHOME> refers to /home/nexus, but this can be different depending on the setup.

The Apache JServ Protocol (AJP) can be used via the AJP connector, see Apache Tomcat 9 Configuration Reference (9.0.40) - The AJP Connector.

  1. Enable the AJP connector:

    1. Open this file for editing: <SMARTIDHOME>/docker/compose/identitymanager/config/tomcat-server.xml. 
      The changes will affect Identity Manager operator, admin, and tenant.

    2. Enable the AJP Connector by removing the comments <!-- and – > and make the necessary settings to fit the AJP.

      <!-- <Connector protocol="AJP/1.3" address="127.0.0.1" port="8009" secretRequired="true" secret="<YOURSECRETHERE>" tcpNoDelay="true" redirectPort="8443" /> --> <!-- You should set jvmRoute to support load-balancing via AJP ie : <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">

       

  2. For each container where the AJP Connector shall be used (operator, admin, and tenant), enable the port mapping: 

    1. Open this file for editing: <SMARTIDHOME>/docker/compose/identitymanager/<admin|operator|tenant>/docker-compose.yml.

    2. Enable port mapping by removing "#". If you want to use another external port for IDM, change IDM_OPERATOR_PORT_AJP in <SMARTIDHOME>/docker/compose/smartid.env.

      # - "${IDM_OPERATOR_PORT_AJP}:8009"

Copyright 2024 Technology Nexus Secured Business Solutions AB. All rights reserved.
Contact Nexus | https://www.nexusgroup.com | Disclaimer | Terms & Conditions