tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: AJP Connector - Problems Proxying HTTPS Connections
Date Mon, 05 Feb 2007 16:56:04 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Bill,

Bill Bailey wrote:
>     <!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->

This one is irrelevant to this discussion, right? Your AJP connector is
the only one not working.

>     <!-- Define an AJP 1.3 Connector on port 8009 -->
>     <Connector port="8009" 
> 		   address="127.0.0.1"
>                enableLookups="false"  
>                protocol="AJP/1.3" 
> 		   secure="true"
> 		   scheme="https"
> 		   proxyName="www.resourcepoint.org" 
> 		   proxyPort="443" />

If you are using Apache to do all your SLL, then why do you have
secure="true" and scheme="https" on the AJP connector?

>     <Connector port="8010" 
> 		   address="127.0.0.1"
>                enableLookups="false"  
>                protocol="AJP/1.3" 
> 		   secure="false"
> 		   scheme="http"
> 		   proxyName="www.resourcepoint.org" 
> 		   proxyPort="80" />

I'm guessing that you are using this connector and not the other one.
Apache forwards the request to Tomcat, which sees that "secure" is set
to "false", the scheme is "http" and the port is "80". So, it sends a
redirect to get the user /out/ of HTTPS, because it's configured to do so.

I would remove (at least) the secure and scheme attributes from your
connector and try that. Tomcat should not care about the security status
of the browser->Apache httpd connection.

I believe this is the problem.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFx2Gk9CaO5/Lv0PARAsSYAKCL4NV8TiuBU28LTCyWbRgExa5wCgCgnMKS
PraT19n7TGcvoE4MjMpQ470=
=mkHX
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message