I'm running into an issue where I can't find a good way to detect (preferably from the predicate language) when a request has come from an AJP listener.
My main use case here is enforcing the AJP secret, which I had previously been told to enact as a simple handler like so:
not equals( {%{r,secret}, '$ecret!' ) -> set-error(403)
However, if my server has an HTTP and an AJP listener, I obviously would only want to enforce the AJP secret for traffic coming over... the AJP port.
My first thought was to simply add this predicate this:
equals( %{LOCAL_PORT}, 8009} )
However when testing with an Apache server using proxyPass and AJP
Undertow reports the scheme as "http" and the server port as 8080, which is the port Apache was listening on. It seems all the AJP details have been seamlessly replaced with the upstream details, which is great for my web app, but not so great for my attempt to detect which requests have come from AJP!
What is the solution here? Is there something in the exchange I can look for to know what requests came over what specific AJP port? Is this accessible from an exchange attribute in the predicate language?
Thanks!
~Brad