tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oscar Carrillo <tom...@daydream.stanford.edu>
Subject RE: Enabling SSL on specific URLs using IIS and Tomcat
Date Thu, 08 Jan 2004 19:56:01 GMT
This is one of the reasons why I like to use Apache in front of Tomcat. 
It's pretty easy to do with Apache. Not to mention IIS is a bear to get to 
work under Linux ;) I would imagine there is a similar config for IIS 
though.

Oscar

On Thu, 8 Jan 2004, cprs-develop wrote:

> Hi:
> 
> That's what I have been trying to do. If you can recommend any alternate
> method to allow only https access to secure URLs, I would greatly
> appreciate it.
> 
> Thanks,
> Vic
> 
> 
> -----Original Message-----
> From: Shapira, Yoav [mailto:Yoav.Shapira@mpi.com] 
> Sent: Thursday, January 08, 2004 2:38 PM
> To: Tomcat Users List
> Subject: RE: Enabling SSL on specific URLs using IIS and Tomcat
> 
> 
> 
> Howdy,
> Almost certainly the ISAPI Redirector's fault, since as you mention
> Tomcat works fine by itself.  What if you only allow https access to
> secure URLs?
> 
> Yoav Shapira
> Millennium ChemInformatics
> 
> 
> >-----Original Message-----
> >From: cprs-develop [mailto:cprs-develop@comperis.com]
> >Sent: Thursday, January 08, 2004 2:33 PM
> >To: tomcat-user@jakarta.apache.org
> >Subject: Enabling SSL on specific URLs using IIS and Tomcat
> >Importance: High
> >
> >Hello All:
> >
> >I am running Apache Tomcat 4.1.27, with IIS 5.0 on Windows 2000 
> >Professional configured to serve the JSP pages using the ISAPI 
> >redirector.
> >
> >I have also configured SSL support using the Windows IIS management 
> >console.
> >
> >Currently JSP pages can be accessed using the 
> >http://SomeHost/SomeDirectory or https://SomeHost/SomeDirectory URL.
> >
> >I am trying to specify URLs that should be available only through SSL. 
> >For this, I have added the <security-constraint> section in web.xml for
> 
> >the relevant webapp directory.
> >
> ><web-app>
> >. . . . .
> ></welcome-file-list>
> >
> ><!-- All resources under the /SSL directory should only be available
> via
> >SSL -->
> >
> ><security-constraint>
> >    <web-resource-collection>
> >	<web-resource-name>SSL</web-resource-name>
> >	<url-pattern>/SSL/*</url-pattern>
> >    </web-resource-collection>
> >    <user-data-constraint>
> >	<transport-guarantee>CONFIDENTIAL</transport-guarantee>
> >    </user-data-constraint>
> >  </security-constraint>
> >
> ></web-app>
> >
> >Now, when I try to access the resources under the /SSL directory,
> (using
> >http or https) IIS gives me a "Page not found" error message.
> >
> >However, if I disable IIS and run Tomcat independently, directory 
> >security is enabled, and everything works fine, i.e., if I use 
> >http://SomeHost/webapp/SSL, it automatically redirects to 
> >https://SomeHost/webapp/SSL.
> >
> >I found an earlier thread
> >(http://mikal.org/interests/java/tomcat/archive/view?mesg=44502) which 
> >mentions that the ISAPI redirector may be to blame, but I am not sure
> if
> >it applies in this scenario.
> >
> >Any help would be greatly appreciated.
> >
> >Thanks,
> >Vic
> >
> >
> >
> >
> >---------------------------------------------------------------------
> >To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> >For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> 
> 
> 
> This e-mail, including any attachments, is a confidential business
> communication, and may contain information that is confidential,
> proprietary and/or privileged.  This e-mail is intended only for the
> individual(s) to whom it is addressed, and may not be saved, copied,
> printed, disclosed or used by anyone else.  If you are not the(an)
> intended recipient, please immediately delete this e-mail from your
> computer system and notify the sender.  Thank you.
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> 
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message