tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Fred Blaise <chapeauro...@madpenguin.org>
Subject [SOLVED] Re: web.xml - <security-constraint> oddity/problem
Date Thu, 07 Oct 2004 04:57:39 GMT
Well, that was an easy fix...
I just changed the redirect port of the Coyote/JK2 AJP 1.3 Connector on
port 8009, to 443 instead of 8443... :)

Fred

On Wed, 2004-10-06 at 22:56 -0500, Fred Blaise wrote:
> Hello
> 
> I am running apache 2.0.46 with SSL with tomcat/mod_jk2, white box
> linux. I do not have tomcat running SSL on 8443.
> 
> So I have this issue with my app... I am securing my app with the
> <security-constraint> tag in web.xml (connected to mysql backend), 
> 
> it works perfectly with the <url-pattern>/clients.jsp</url-pattern>.
> clients.jsp is a https:// uri, therefore my apache SSL is handling it,
> and so is the remaining of the session (?). However, if i throw
> <url-pattern>/index.jsp</url-pattern>, which is a http:// uri, then
> tomcat tries to connect to port 8443 (instead of 443), where of course
> it fails miserably since nothing is running there.
> 
> I guess my question is, why is tomcat trying to get to port 8443, when
> none of my uri point to https://myhost:8443, but simply to
> https://myhost  (which should be handled on port 443 by my apache ssl)?
> 
> I don't know if i have been very clear... I always suck at explaining my
> pb :P Please ask me if I can clarify....
> 
> Thanks a lot
> 
> Best Regards
> 
> Fred
> 
> 
> <?xml version="1.0" encoding="ISO-8859-1"?>
> 
> <!DOCTYPE web-app
>    PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
>    "http://java.sun.com/dtd/web-app_2_3.dtd">
> 
> <web-app>
> 
> <!-- Beginning of web.xml deployment descriptor -->
> 
> <security-constraint>
>     <web-resource-collection>
>         <web-resource-name>Client login</web-resource-name>
>         <url-pattern>/clients.jsp</url-pattern>
>         <http-method>GET</http-method>
>         <http-method>POST</http-method>
>     </web-resource-collection>
> 
>     <auth-constraint>
>         <role-name>clients</role-name>
>     </auth-constraint>
> 
>     <user-data-constraint>
>         <transport-guarantee>CONFIDENTIAL</transport-guarantee>
>     </user-data-constraint>
> 
> </security-constraint>
> 
> <login-config>
> 
>     <auth-method>FORM</auth-method>
> 
>     <form-login-config>
> 
>         <form-login-page>/login.jsp</form-login-page>
>         <form-error-page>/loginError.jsp</form-error-page>
> 
>     </form-login-config>
> 
> </login-config>
> 
> <security-role>
>     <role-name>clients</role-name>
> </security-role>
> 
> </web-app>
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message