tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <>
Subject Re: AJP Connector - Problems Proxying HTTPS Connections
Date Mon, 05 Feb 2007 16:56:04 GMT
Hash: SHA1


Bill Bailey wrote:
>     <!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->

This one is irrelevant to this discussion, right? Your AJP connector is
the only one not working.

>     <!-- Define an AJP 1.3 Connector on port 8009 -->
>     <Connector port="8009" 
> 		   address=""
>                enableLookups="false"  
>                protocol="AJP/1.3" 
> 		   secure="true"
> 		   scheme="https"
> 		   proxyName="" 
> 		   proxyPort="443" />

If you are using Apache to do all your SLL, then why do you have
secure="true" and scheme="https" on the AJP connector?

>     <Connector port="8010" 
> 		   address=""
>                enableLookups="false"  
>                protocol="AJP/1.3" 
> 		   secure="false"
> 		   scheme="http"
> 		   proxyName="" 
> 		   proxyPort="80" />

I'm guessing that you are using this connector and not the other one.
Apache forwards the request to Tomcat, which sees that "secure" is set
to "false", the scheme is "http" and the port is "80". So, it sends a
redirect to get the user /out/ of HTTPS, because it's configured to do so.

I would remove (at least) the secure and scheme attributes from your
connector and try that. Tomcat should not care about the security status
of the browser->Apache httpd connection.

I believe this is the problem.

- -chris
Version: GnuPG v1.4.6 (MingW32)
Comment: Using GnuPG with Mozilla -


To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message