From tomcat-user-return-91615-apmail-jakarta-tomcat-user-archive=jakarta.apache.org@jakarta.apache.org Tue Feb 03 14:14:59 2004 Return-Path: Delivered-To: apmail-jakarta-tomcat-user-archive@www.apache.org Received: (qmail 1458 invoked from network); 3 Feb 2004 14:14:59 -0000 Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12) by minotaur-2.apache.org with SMTP; 3 Feb 2004 14:14:59 -0000 Received: (qmail 16173 invoked by uid 500); 3 Feb 2004 14:13:10 -0000 Delivered-To: apmail-jakarta-tomcat-user-archive@jakarta.apache.org Received: (qmail 16142 invoked by uid 500); 3 Feb 2004 14:13:09 -0000 Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Help: List-Post: List-Id: "Tomcat Users List" Reply-To: "Tomcat Users List" Delivered-To: mailing list tomcat-user@jakarta.apache.org Received: (qmail 15997 invoked from network); 3 Feb 2004 14:13:08 -0000 Received: from unknown (HELO computingoasis.com) (67.36.155.174) by daedalus.apache.org with SMTP; 3 Feb 2004 14:13:08 -0000 Content-class: urn:content-classes:message MIME-Version: 1.0 Subject: RE: HTTPS with Apache 2.0.48 and Tomcat 5.0.16 Content-Type: multipart/mixed; boundary="----_=_NextPart_001_01C3EA5F.F4CD7D6A" X-MimeOLE: Produced By Microsoft Exchange V6.5.6944.0 Date: Tue, 3 Feb 2004 09:13:54 -0500 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: HTTPS with Apache 2.0.48 and Tomcat 5.0.16 thread-index: AcPp2tmNB6/nCDYARvW4faEesDB6ZQAhA48Z From: "Dean Searle" To: "Tomcat Users List" X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N ------_=_NextPart_001_01C3EA5F.F4CD7D6A Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Here is part of my httpd.conf for and Apache2, Tomcat 4.1.29 and mod_jk2 = setup. This is only for the Virtual host part. Assuming you have = everyhting else loading correctly it should work. NameVirtualHost 127.0.0.1:443 NameVirtualHost 127.0.0.1:80 ServerName www.domain.com ServerAlias domain.com Redirect permanent / https://www.domain.com ServerName www.domain.com ServerAlias domain.com DocumentRoot z:/tomcattest/webapps ErrorLog z:/tomcattest/logs/domain_error.log CustomLog z:/tomcattest/logs/domain_access.log common SSLEngine On SSLCertificateFile conf/ssl/domain.crt SSLCertificateKeyFile conf/ssl/domain.key.unsecure SSLCACertificateFile conf/ssl/intermediate.crt SSLRequireSSL =09 AllowOverride None deny from all =09 JkUriSet group ajp13:localhost:8109 The JkMount directives only work for mod_jk. Mod_jk2 requires a whole = new set of directives to work. Following is my server.xml and = workers2.properties that should help. ***workers2.properties*** # only at beginnin. In production uncomment it out [logger.apache2] level=3DDEBUG [shm] file=3Dz:/tomcat/logs/jk2.shm size=3D1048576 # Example socket channel, override port and host. [channel.socket:localhost:8109] port=3D8109 host=3D127.0.0.1 [channel.socket:localhost:8110] port=3D8110 host=3D127.0.0.1 [channel.socket:localhost:8111] port=3D8111 host=3D127.0.0.1 #[channel.jni:jni] #info=3DThe jni channel, used if tomcat is started inprocess [status:] info=3DStatus worker, displays runtime information #[vm:] #info=3DParameters used to load a JVM in the server process #JVM=3DC:\jdk\jre\bin\hotspot\jvm.dll #OPT=3D-Djava.class.path=3DZ:/Tomcat/bin/tomcat-jni.jar;Z:/Tomcat/server/= lib/commons-logging.jar #OPT=3D-Dtomcat.home=3D${TOMCAT_HOME} #OPT=3D-Dcatalina.home=3D${TOMCAT_HOME} #OPT=3D-Xmx128M #OPT=3D-Djava.compiler=3DNONE #disabled=3D0 #[worker1.jni:onStartup] #info=3DCommand to be executed by the VM on startup. This one will start = tomcat. #class=3Dorg/apache/jk/apr/TomcatStarter #ARG=3Dstart #disabled=3D0 #stdout=3DZ:/tomcat/logs/stdout.log #stderr=3DZ:/tomcat/logs/stderr.log #[worker1.jni:onShutdown] #info=3DCommand to be executed by the VM on shutdown. This one will stop = tomcat. #class=3Dorg/apache/jk/apr/TomcatStarter #ARG=3Dstop #disabled=3D0 # Define the worker # First Web Application Worker [ajp13:localhost:8109] channel=3Dchannel.socket:localhost:8109 # Second Web Application Worker [ajp13:localhost:8110] channel=3Dchannel.socket:localhost:8110 # Third Web Application Worker [ajp13:localhost:8111] channel=3Dchannel.socket:localhost:8111 Uri mapping [uri:127.0.0.1/*.jsp] worker=3Dajp13:localhost:8109 [uri:/jkstatus/*] info=3DDisplay status information and checks the config file for = changes. worker=3Dstatus:status [uri:www.domain.com/*.jsp] group=3Dajp13:localhost:8109 ***server.xml*** ***This is the only section you need to make sure is enabled. Leave = everything else alone. Note: the port designated here might be different = than yours. You can use any port you want here as long as you use the = same port in the httpd.conf and the workers2.properties file.**** ***I hope that this helps you out.*** Dean -----Original Message----- From: Oscar Carrillo [mailto:tomcat@daydream.stanford.edu] Sent: Mon 2/2/2004 4:04 PM To: Tomcat Users List; ralf@tapfere-schneiderleins.de Subject: Re: HTTPS with Apache 2.0.48 and Tomcat 5.0.16 =20 Hi, The JkMount directives tell Apache to pass these request thru the=20 Connector to Tomcat. I do this very same thing for jWebMail, cause I don't want it accessible = thru http, only https. Here's my ssl.conf config section for it: -------------------------------------------------------------- #Other stuff about your ssl host #Webmail # Static files Alias /webmail "/usr/local/tomcat/webapps/webmail" Options Indexes FollowSymLinks DirectoryIndex index.jsp AllowOverride None deny from all AllowOverride None deny from all JkMount /webmail/do/* ajp13 JkMount /webmail/*.jsp ajp13 JkMount /webmail/WebMail ajp13 JkMount /webmail/WebMail/* ajp13 --------------------------------------- Does that help? BTW, this is all on my site but there's quite a bit of = stuff there that you can miss it. Oscar http://www.linuxjava.net/howto/webapp/ On Mon, 2 Feb 2004, Ralf Schneider wrote: > Am Montag, 2. Februar 2004 21:26 schrieb Oscar Carrillo: > > I believe you need to setup a VirtualHost section in httpd.conf even = if > > you don't really need Virtual Hosting. >=20 > I did that. >=20 > > Also try Redirecting the whole site. I'm not sure if I've tried just = the > > webapp. I'm not sure if you need to compile the rewrite module for = the > > redirect, but I don't think so. > > > > #httpd.conf VirtualHost section of myhost.mydomain > > Redirect / https://myhost.mydomain/mywebapp >=20 > But I don't want to do this with the whole site, because there are = parts that=20 > should be accessible with normal HTTP. >=20 > > Also, you can't include the mod_jk configuration. You must put the = mount > > commands explicitly in each virtual host. If you include the modjk = conf > > file "Include mod_jk.conf", then it will be global and all hosts = will get > > access. This is likely your problem especially if you haven't put = mod_jk > > mount commands in "ssl.conf". >=20 > I did not put any JKMount statements in ssl.conf. Which do I need? = Something=20 > like this: >=20 > JKMount /demo_02/* ajp13 >=20 > Or anything else? I think I did not understood correctly what this = JkMount=20 > does. >=20 > Ralf. >=20 >=20 > --------------------------------------------------------------------- > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org >=20 --------------------------------------------------------------------- To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org For additional commands, e-mail: tomcat-user-help@jakarta.apache.org ------_=_NextPart_001_01C3EA5F.F4CD7D6A Content-Type: text/plain; charset=us-ascii --------------------------------------------------------------------- To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org For additional commands, e-mail: tomcat-user-help@jakarta.apache.org ------_=_NextPart_001_01C3EA5F.F4CD7D6A--