tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Fred Blaise <>
Subject web.xml - <security-constraint> oddity/problem
Date Thu, 07 Oct 2004 03:56:50 GMT

I am running apache 2.0.46 with SSL with tomcat/mod_jk2, white box
linux. I do not have tomcat running SSL on 8443.

So I have this issue with my app... I am securing my app with the
<security-constraint> tag in web.xml (connected to mysql backend), 

it works perfectly with the <url-pattern>/clients.jsp</url-pattern>.
clients.jsp is a https:// uri, therefore my apache SSL is handling it,
and so is the remaining of the session (?). However, if i throw
<url-pattern>/index.jsp</url-pattern>, which is a http:// uri, then
tomcat tries to connect to port 8443 (instead of 443), where of course
it fails miserably since nothing is running there.

I guess my question is, why is tomcat trying to get to port 8443, when
none of my uri point to https://myhost:8443, but simply to
https://myhost  (which should be handled on port 443 by my apache ssl)?

I don't know if i have been very clear... I always suck at explaining my
pb :P Please ask me if I can clarify....

Thanks a lot

Best Regards


<?xml version="1.0" encoding="ISO-8859-1"?>

<!DOCTYPE web-app
   PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"


<!-- Beginning of web.xml deployment descriptor -->

        <web-resource-name>Client login</web-resource-name>












To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message