tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Jacobson <>
Subject SSL, JK redirect question
Date Thu, 24 Oct 2002 09:59:50 GMT
I have tc4.1.12, Apache 2.0.43 mod_ssl and mod_jk set up and working 
successfully on my Mac (OS X 10.1.5), but tweaking the Apache config to 
get it to work was... involved, let's say :-)

Users enter the site (using http: protocol) at /drs/home. This contains 
a button labelled "Login" that takes them to /drs/private/home. Because 
/drs/private/* is under a security contraint, it triggers a redirect to 
/drs/login which POSTs to j_security_check, etc.

Previously, using tomcat-standalone, the 
<transport-guarantee>CONFIDENTIAL</transport-guarantee> triggered the 
switch to https: - however, this no longer works when Apache/mod_jk are 
in the loop.

Because /drs/private/* isn't accessible via http: I was getting an 
Apache-generated 404 error when the login button on the home page was 
clicked: the solution I found was to place a
Redirect /drs/private/home https://<host>/drs/private/home
in httpd.conf

Of course, this gives an extra redirect, and seems inelegant...does 
anyone have a better solution? [And no, I don't think mod_rewrite is a 
better solution!]


PS I don't want to hard-code the full URL in the button on-click 
handler, as I don't want to have Yet Another Thing To Change when I move 
to the production server.

To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message