tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Delbecq <de...@oma.be>
Subject Re: AJP Connector - Problems Proxying HTTPS Connections
Date Mon, 05 Feb 2007 15:05:15 GMT
Not speaking of tomcat, as far as i know https and virtual hosting do
not mix very well unless the same certificate is used for all hosts.

En l'instant précis du 02/05/07 15:53, Bill Bailey s'exprimait en ces
termes:
> Hi,
>
>  
>
> I am trying to run Tomcat 5.5.20 behind Win32 Apache HTTPD 2.2.4 with
> SSL (downloaded from apachelounge.com) using the AJP connector. 
>
>  
>
> I have a virtual host configured on both Tomcat and Apache HTTPD.
>
>  
>
> Everything works fine if I configure my Apache HTTPD virtual host to run
> unsecured on port 80, but if I set it up to run secured on port 443, it
> appears that when it forwards an https request to Tomcat, Tomcat is
> redirecting Apache to http://www.resourcepoint.org
> <http://www.resourcepoint.org/> . If I also have the port 80 virtual
> host configured in Apache HTTPD, it simply resubmits the http request to
> Tomcat which happily processes it (but obviously this is not what was
> wanted since I am now running unsecured). If the Apache HTTPD port 80
> virtual host hasn't been configured, Apache can't find a suitable
> virtual host and tries to serve up the document from htdocs and, of
> course, fails.
>
>  
>
> I can see in Apache HTTPD log files where it is successfully getting the
> https request and I can see a connection accepted on port 8009 in the
> tomcat log files (followed by a line containing Location =
> http://www.resourcepoint.org/index.jsp). Finally, in the case where the
> Apache HTTPD port 80 virtual host is not configured I can see entries in
> the Apache HTTPD error file where it says the file could not be found in
> htdocs (because that isn't where it is).
>
>  
>
> My question is: 
>
>  
>
> Why doesn't Tomcat process this https request? Why is it redirecting
> Apache to an http URL? Am I missing some configuration parameter that
> I'm unaware of?
>
>  
>
> I have included fragments of both my Apache and Tomcat configuration
> files below.
>
>  
>
> Thanks in advance for any assistance you can provide.
>
>  
>
> Bill Bailey
>
> Senior Developer / DBA
>
> Northland, A Church Distributed
>
>  
>
> Apache Virtual Host Configuration Fragment
>
>  
>
> NameVirtualHost xxx.xx.xx.x:443
>
>  
>
> <VirtualHost xxx.xx.xx.x:443>
>
>  
>
>       # General setup for the virtual host
>
>  
>
>       ServerName www.resourcepoint.org:443
>
>       DocumentRoot E:\Apache2\vhosts\resourcepoint
>
>       ServerAlias www.resourcepoint.org:443
>
>       ErrorLog logs/resourcepoint-ssl-error_log
>
>       CustomLog logs/resourcepoint-ssl-access_log common
>
>  
>
>       <Directory "E:/Apache2/vhosts/resourcepoint">
>
>  
>
>             ... directory stuff in here ...
>
>  
>
>       </Directory>
>
>  
>
>       <Location / >
>
>  
>
>             ProxyPass ajp://127.0.0.1:8009/
>
>             ProxyPassReverse ajp://127.0.0.1:8009/
>
>  
>
>       </Location>
>
>  
>
>       ... SSL stuff here ...
>
> </VirtualHost>
>
>  
>
> Tomcat Virtual Host Configuration Fragment
>
>  
>
> <Service name="Catalina">
>
>  
>
>   <!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->
>
>  
>
>   <Connector port="8888"
>
>              address="127.0.0.1"
>
>              maxHttpHeaderSize="8192"
>
>              maxThreads="150" 
>
>              minSpareThreads="25" 
>
>  maxSpareThreads="75"
>
>              enableLookups="false" 
>
>              redirectPort="8443"
>
>              acceptCount="100"
>
>              connectionTimeout="20000" 
>
>              disableUploadTimeout="true" />
>
>  
>
>   <!-- Define an AJP 1.3 Connector on port 8009 -->
>
>          
>
>   <Connector port="8009" 
>
>              address="127.0.0.1"
>
>              enableLookups="false"  
>
>              protocol="AJP/1.3" 
>
>              secure="true"
>
>              scheme="https"
>
>              proxyName="www.resourcepoint.org" 
>
>              proxyPort="443" />
>
>  
>
>   <!-- Define the top level container in our container hierarchy -->
>
>  
>
>   <Engine name="Catalina" defaultHost="www.resourcepoint.org">
>
>  
>
>     <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
> resourceName="UserDatabase" />
>
>  
>
>     <Host name="localhost" appBase="webapps" />
>
>  
>
>     <Host name="www.resourcepoint.org" 
>
>           appBase="E:\webapps\resourcepoint"
>
>           unpackWARs="true" 
>
>           autoDeploy="true"
>
>           xmlValidation="false" 
>
>           xmlNamespaceAware="false">
>
>  
>
>     <Context path="" docBase="ROOT" debug="1"/>
>
>  
>
>           <Logger className="org.apache.catalina.logger.FileLogger"/>
>
>     </Host>
>
>  
>
>   </Engine>
>
>  
>
> </Service>
>
>  
>
>  
>
>
>   


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message