tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Freyr Stefansson <>
Subject RE: Directory listing problem and two way authentication bugfix/enhancement
Date Wed, 20 Sep 2000 10:56:12 GMT
        <Connector className="org.apache.tomcat.service.PoolTcpConnector">
            <Parameter name="handler"

            <Parameter name="port"
            <Parameter name="socketFactory"
                value="" />
	    <Parameter name="clientAuth"
	        value="true" />
	    <Parameter name="keystore"
	        value="c:\002.keystore" />
	    <Parameter name="keypass"
	        value="passphrase" />
	    <Parameter name="secure"
		value="true" />

This is how the server.xml should look when using the updated
SSLSocketFactory class I posted.  You were right... adding the "secure"
parameter did the trick with the directory listing problem... now it
redirects from https://localhost to https://localhost/index.html.

So everything is working fine and dandy now but you should probably add the
line <Parameter name="secure" value="true" /> to the SSL part of the
server.xml (the part where you say "uncomment for ssl support") and put that
in circulation...  This solution doesn't really jump out when you have this
problem ;o)

I still haven't received any answer about how to post a bugfix like the
SSLSocketFactory...  How do I formally submit a bugfix like that?

Kind regards, Stefan.

-----Original Message-----
From: []
Sent: 18. september 2000 15:15
Subject: Re: Directory listing problem and two way authentication

> an answer from Ismael Blesa Part.  He told me that what I was experiencing
> was a "directory listing problem".  This problem behaves in a way that if
> you type in https://localhost/ on your browser the webserver is
> the browser to the address http://localhost:443/index.html instead of
> https://localhost/index.html which is a bad thing since the browser then
> doesn't know that he's talking through SSL.

Can you try to add "secure="true"" to the tcp connector configuration ?
This is supposed to let tomcat know it's a secure connection.

( it's very hard to detect this - the adapter may use a different
implementation than JSSE, or it may use TCP to get requests from
Apache+SSL, etc ).

Let me know if this helps.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message