tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Benjamin Armintor" <Ben.Armin...@austin.utexas.edu>
Subject RE: Tomcat returning absolute http:// URL behind SSL Proxy instead of keeping https://
Date Thu, 08 Apr 2004 04:43:39 GMT
If you're using the JK connector, you can configure this with the scheme attribute of the connector
in your server.xml.  If you're using an HTTP connector, you're in a bit of a bind, as far
as I know.  When we did this, I cloned and modified the CoyoteConnector class to support a
proxyScheme attribute.  It worked, but the other implications of the http proxy were enough
to get us to run AJP/JK.  Now, if only someone would write an NSAPI module for JK2...

- Ben


-----Original Message-----
From:	Fletcher Cocquyt [mailto:fcocquyt@stanford.edu]
Sent:	Wed 4/7/2004 8:51 PM
To:	tomcat-user@jakarta.apache.org
Cc:	
Subject:	Tomcat returning absolute http:// URL behind SSL Proxy instead of keeping https://
Hi,
We have the classic 3 tiered webapp architecture with BigIP
loadbalancers acting as SSL Proxies - such that requests for the webapp:
 
https://server/jkmount/
 
1)       Come into the BigIP - the BigIP Proxies the HTTPS and sends the
same request to the Apache servers on port 80
2)       Apache sees the URI with a matching jkmount and sends the
request to the Tomcat worker
3)       PROBLEM: tomcat constructs the absolute URL to return based on
the assumption its port 80 and returns the insecure
http://server/jkmount/index.jsp
 
Found some relevant docs here:
http://jakarta.apache.org/tomcat/tomcat-5.0-doc/proxy-howto.html
 
But its unclear how to get tomcat to keep the https:// instead of
returning the absolute http:// 
 
Apache 2.0.48
Tomcat 4.1.30
 
Thanks for any tips!
 
Fletcher Cocquyt
Senior Systems Administrator
fcocquyt@stanford.edu
 





Mime
View raw message