tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Julie Moore" <jmo...@orchardsoft.com>
Subject RE: With tomcat 5 redirects to a secure port the connection fails
Date Tue, 06 Sep 2005 14:45:43 GMT
Does anyone have a site that is running through a proxy? Could there be
something I am missing because of that?

-----Original Message-----
From: Julie Moore [mailto:jmoore@orchardsoft.com] 
Sent: Monday, August 29, 2005 1:50 PM
To: tomcat-user@jakarta.apache.org
Subject: With tomcat 5 redirects to a secure port the connection fails

 

I have updated a site from tomcat 4 to tomcat 5 and my link that used to
redirect to a secure site now fails. I see the webpage tying to connect
with my internal IP address instead of the external URL that the request
came in one. If I connect to https://www.x.com and hit the link to the
secure page my page displays correctly. But if I hit it from
http://www.x.com <http://www.x.com/>  the secure page does not display.

 

The page that displays has not changed. It has a relative link to the
webapp that I want to have as secure.

 

I have the server.xml connectors defined:

 

    <Connector port="80"     minThreads="150" maxSpareThreads="75"
minSpareThreads="25"

               enableLookups="true" redirectPort="443"

               acceptCount="100" debug="0" connectionTimeout="20000"

               disableUploadTimeout="true" />

 

 

    <!-- Define a SSL Coyote HTTP/1.1 Connector on port 443 -->

    

 

       <Connector port="443" maxHttpHeaderSize="8192"

               maxThreads="150" minSpareThreads="25"
maxSpareThreads="75"

               enableLookups="false" disableUploadTimeout="true"

               acceptCount="100" scheme="https" secure="true"

               clientAuth="false" sslProtocol="TLS"
keystoreFile="c:\tomcat\conf\keystore.ks" />

 

and the following in  the web.xml of my application I wish to have
available only as secure:

 

<security-constraint>
      <web-resource-collection>
             <web-resource-name>Entire Application</web-resource-name>
             <url-pattern>/*</url-pattern>
      </web-resource-collection>
      <user-data-constraint>
             <transport-guarantee>CONFIDENTIAL</transport-guarantee>
      </user-data-constraint>
</security-constraint>
 
 
What have I missed?
Jmoore
 
 
 

 

 

 


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message