geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Bradley <ma...@tera.teralink.com>
Subject Webapps exposed on distinct ports
Date Thu, 12 Oct 2006 14:33:10 GMT
Greetings all,

I am trying to figure out how to solve this exact same problem as  
described by Rick (below) where I need to deploy different apps to  
different tomcat connectors on different ports (already available).

David says this capability became available in 1.1.   Does anyone  
know how to do this?

Thanks,

-Mark

------

On Jun 13, 2006, at 9:34 AM, Rick Sears wrote:


     Hello everyone,

     I've been trolling the web the past couple days looking for
     examples/information on how to accomplish something that is  
currently
     being done in an application we are looking at porting to run under
     Geronimo.  We would like to be able to expose one webapp on a  
non-ssl
     port, say 12345, while having another webapp also running in  
Geronimo
     running on a different ssl-enabled port, say 54321.  The webapp
     running on the ssl-enabled port should not be accessible from  
the non
     ssl-enabled port.

     I've looked at a bunch of the Geronimo documentation, but all the
     things i've tried have come up short using Geronimo 1.0.  There  
seems
     to be an example of doing something similar using Geronimo 1.1

     (http://opensource.atlassian.com/confluence/oss/display/ 
GERONIMO/ Exposing+Web+Applications+on+distinct+ports),

     but I am just wondering if i'm missing something that is also
     available on Geronimo 1.0.  The references to the <web-app> tag  
under
     the <module> tag are problematic in Geronimo 1.0, but I can't  
see any
     other way of tying a given deployed webapp to a particular Tomcat
     container (that is exposed on one set of ports but not the other).

     If anyone has any examples/information on how to tie a deployed  
Tomcat
     webapp to a particular container with a distinct set of exposed  
ports,
     please let me know.

This capability is new in 1.1. In 1.0, you might possibly be able to  
get something to work by using virtual hosts, but I'm not enough of  
an expert on that to give you good advice. In particular I don't know  
how reliable it would be.

One other thing you might be able to use to prevent access from the  
non-ssl port is use j2ee web security to require the CONFIDENTIAL  
transport guarantee for the secured app. This probably wouldn't hide  
the existence of the secured app but would prevent access: I think  
you'd get a "forbidden" error rather than a "not found"

thanks
david jencks



Mime
View raw message