tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David H Elrod <>
Subject Re: Tomcat + SSL
Date Mon, 05 Jun 2000 18:04:23 GMT

My approach was to use ServletRequest.getServerPort()
to see if the connection was via SSL.

I tried
among other calls, but they don't seem to be implemented in Tomcat
yet. However, ServletRequest.getServerPort() returns "80" when I
call it via HTTP, and "443" when I call it via HTTPS. My browser
(Linux Netscape 4.73) shows the little lock that means it is a
secure connection, and my SSL log shows an SSL transaction, so
I ***think*** this is a good way.

The servlet code I use is:

	int port = request.getServerPort();
	if (port != 443) { return; }

which returns if the connection didn't come in via port 443.

If you find a better way, please let me know! :>


> Let me make sure I understand you.
> > Configure Tomcat to only use the "ajpv12" protocol (in the
> > server.xml file). Have Apache handle all http/https
> > traffic.
> This simply shuts down Tomcat's http server, right?
> > In the "tomcat.conf" file (which will be read in at the end of your
> > httpds.conf file) put lines similar to the following:
> > ApJservMount /examples ajpv12://localhost:8007/examples
> (I'm assuming "httpds.conf" was simply a typo, and not a config file that I
> am unaware of. Is that right?)
> This routes any Apache requests with an URL pattern of /examples to Tomcat,
> regardless of the underlying protocol, right? If so, how do you allow only
> https (encrypted) requests to get to Tomcat, rejecting http (plain text)
> requests? Is there a mechanism for catching this at the web server level, or
> must each servlet check the encryption status of the request?
> As I think about this it seems more like a web server issue than a Servlet
> container issue. Perhaps there is a way to tell Apache to only allow
> encrypted access to a particular URL pattern. Surely this facility must
> exist to protect static pages. If so, Apache could catch the request and
> deny it before it as ever forwarded to Tomcat.
> Does anyone know?
> ====================================================
> A. Scott White
> Director of Information Systems and Product Strategy
> ACS Healthcare Solutions Group

David Hunter Elrod                   Rivendell Technologies, Inc                1111 W. El Camino #109, PMB348             Sunnyvale, CA 94087-0126
Voice: 650/254-1790                  Fax: 650/254-1792

View raw message