Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm
Precedence: bulk
Reply-To: "Tomcat Users List" <users@tomcat.apache.org>
Received-SPF: pass (herse.apache.org: local policy)
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="----_=_NextPart_001_01C74935.65AD7BA2"
Subject: AJP Connector - Problems Proxying HTTPS Connections
Date: Mon, 5 Feb 2007 09:53:27 -0500
Message-ID: <690BA3B35A2861419CBF6833BD537AD22433F3@nacdmail.NORTHLANDCC.NET>
Thread-Topic: AJP Connector - Problems Proxying HTTPS Connections
Thread-Index: AcdJNWTuRPpva+gmTmq/fL/K+UERiA==
From: "Bill Bailey" <Bill.Bailey@northlandchurch.net>
To: <users@tomcat.apache.org>

------_=_NextPart_001_01C74935.65AD7BA2
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Hi,

=20

I am trying to run Tomcat 5.5.20 behind Win32 Apache HTTPD 2.2.4 with
SSL (downloaded from apachelounge.com) using the AJP connector.=20

=20

I have a virtual host configured on both Tomcat and Apache HTTPD.

=20

Everything works fine if I configure my Apache HTTPD virtual host to run
unsecured on port 80, but if I set it up to run secured on port 443, it
appears that when it forwards an https request to Tomcat, Tomcat is
redirecting Apache to http://www.resourcepoint.org
<http://www.resourcepoint.org/> . If I also have the port 80 virtual
host configured in Apache HTTPD, it simply resubmits the http request to
Tomcat which happily processes it (but obviously this is not what was
wanted since I am now running unsecured). If the Apache HTTPD port 80
virtual host hasn't been configured, Apache can't find a suitable
virtual host and tries to serve up the document from htdocs and, of
course, fails.

=20

I can see in Apache HTTPD log files where it is successfully getting the
https request and I can see a connection accepted on port 8009 in the
tomcat log files (followed by a line containing Location =3D
http://www.resourcepoint.org/index.jsp). Finally, in the case where the
Apache HTTPD port 80 virtual host is not configured I can see entries in
the Apache HTTPD error file where it says the file could not be found in
htdocs (because that isn't where it is).

=20

My question is:=20

=20

Why doesn't Tomcat process this https request? Why is it redirecting
Apache to an http URL? Am I missing some configuration parameter that
I'm unaware of?

=20

I have included fragments of both my Apache and Tomcat configuration
files below.

=20

Thanks in advance for any assistance you can provide.

=20

Bill Bailey

Senior Developer / DBA

Northland, A Church Distributed

=20

Apache Virtual Host Configuration Fragment

=20

NameVirtualHost xxx.xx.xx.x:443

=20

<VirtualHost xxx.xx.xx.x:443>

=20

      # General setup for the virtual host

=20

      ServerName www.resourcepoint.org:443

      DocumentRoot E:\Apache2\vhosts\resourcepoint

      ServerAlias www.resourcepoint.org:443

      ErrorLog logs/resourcepoint-ssl-error_log

      CustomLog logs/resourcepoint-ssl-access_log common

=20

      <Directory "E:/Apache2/vhosts/resourcepoint">

=20

            ... directory stuff in here ...

=20

      </Directory>

=20

      <Location / >

=20

            ProxyPass ajp://127.0.0.1:8009/

            ProxyPassReverse ajp://127.0.0.1:8009/

=20

      </Location>

=20

      ... SSL stuff here ...

</VirtualHost>

=20

Tomcat Virtual Host Configuration Fragment

=20

<Service name=3D"Catalina">

=20

  <!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->

=20

  <Connector port=3D"8888"

             address=3D"127.0.0.1"

             maxHttpHeaderSize=3D"8192"

             maxThreads=3D"150"=20

             minSpareThreads=3D"25"=20

 maxSpareThreads=3D"75"

             enableLookups=3D"false"=20

             redirectPort=3D"8443"

             acceptCount=3D"100"

             connectionTimeout=3D"20000"=20

             disableUploadTimeout=3D"true" />

=20

  <!-- Define an AJP 1.3 Connector on port 8009 -->

        =20

  <Connector port=3D"8009"=20

             address=3D"127.0.0.1"

             enableLookups=3D"false" =20

             protocol=3D"AJP/1.3"=20

             secure=3D"true"

             scheme=3D"https"

             proxyName=3D"www.resourcepoint.org"=20

             proxyPort=3D"443" />

=20

  <!-- Define the top level container in our container hierarchy -->

=20

  <Engine name=3D"Catalina" defaultHost=3D"www.resourcepoint.org">

=20

    <Realm className=3D"org.apache.catalina.realm.UserDatabaseRealm"
resourceName=3D"UserDatabase" />

=20

    <Host name=3D"localhost" appBase=3D"webapps" />

=20

    <Host name=3D"www.resourcepoint.org"=20

          appBase=3D"E:\webapps\resourcepoint"

          unpackWARs=3D"true"=20

          autoDeploy=3D"true"

          xmlValidation=3D"false"=20

          xmlNamespaceAware=3D"false">

=20

    <Context path=3D"" docBase=3D"ROOT" debug=3D"1"/>

=20

          <Logger className=3D"org.apache.catalina.logger.FileLogger"/>

    </Host>

=20

  </Engine>

=20

</Service>

=20

=20


------_=_NextPart_001_01C74935.65AD7BA2--