tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Wade Billings" <wbilli...@lowermybills.com>
Subject RE: Tomcat-Apache and SSL- Re-Post
Date Wed, 15 Sep 2004 04:05:03 GMT
Thank you for the suggestion, I will try this tomorrow and post the
results.

Cheers,

Q. Wade Billings

-----Original Message-----
From: news [mailto:news@sea.gmane.org] On Behalf Of Bill Barker
Sent: Tuesday, September 14, 2004 7:27 PM
To: tomcat-user@jakarta.apache.org
Subject: Re: Tomcat-Apache and SSL- Re-Post

The localPort that mod_jk(2) sends depends on the Apache setting for
UseCannonicalName.  If you set it to 'off', then it should always send
the
TCP port (as opposed to the configured port).

"Wade Billings" <wbillings@lowermybills.com> wrote in message
news:9216686F09CDEC4BBCC9B08203C21348040F60@lmbpexc01.lmbcorp.com...
The AJP port is 8009 (stock), but the issue lies where our application
takes the port (80/8000) and determines whether or not the page is
suppose to be secure (https). Since the load balancer does all of the
SSL for us, everything is passed to the web/app server as http, and it
appears that tomcat is assuming that because it is http, it came from
port 80. Apache is currently configured to listen for http traffic on
both ports 80 and 8000.

Jrun is able to take the port number and pass that to the app. When we
do a request.getLocalPort(), it returns port 80, when it should be
returning port 8000.

Is there a way to tell tomcat (using the AJP/13 connector) to pass
through the port number from the requestor? Do you think that this is an
Apache, or Tomcat configuration issue?

Again, any help is greatly appreciated.

Cheers,

Q. Wade Billings

> -----Original Message-----
> From: news [mailto:news@sea.gmane.org] On Behalf Of Bill Barker
> Sent: Sunday, September 12, 2004 1:12 PM
> To: tomcat-user@jakarta.apache.org
> Subject: Re: Tomcat-Apache and SSL- Re-Post
>
> If 8000 is the Apache port, then use request.getLocalPort().  If 8000
is
> the
> AJP port, it can't be done.
>
> "Wade Billings" <wbillings@lowermybills.com> wrote in message
> news:9216686F09CDEC4BBCC9B08203C21348040F5B@lmbpexc01.lmbcorp.com...
> Here is a fun one for ya all... We recently decided to migrate from a
> Jrun/Apahe platform to an Apache2.0/Tomcat5.0 platform. Everything
went
> great until we placed it into production and found that our SSL sites
> were broken.
>
>
>
> Here are the details, and forgive me, as I am not a developer so I may
> misquote some Java terminology.... Be patient...
>
>
>
> WE determine whether or not a page is secured via which port it is
> sourced from. We have a pair of load balancers, which handle all of
the
> SSL, and pass only HTTP/1.1 back to the actual web servers where the
JVM
> sits. IN order for the app to determine whether or not it is secure,
we
> source all SSL'ized traffic from port 8000. This setup works very well
> on Jrun, but not so well on Tomcat. It appears that for some reason,
the
> source port of 8000 is either lost or ignored during the
> Apache/AJP13/Tomcat conversation.
>
>
>
> What I need to be able to do is to get Tomcat to recognize that the
> source port from the load balancer has changed from port 80 to port
8000
> so our app will behave correctly and will present our pages as secure.
>
>
>
> Any help is greatly appreciated.....
>
>
>
> Cheers,
>
>
>
> Q. Wade Billings
>
>
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message