tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Warren Killian" <warrenkill...@gmail.com>
Subject Cool SSL/TLS Deployment Trick! How Does It Work?
Date Mon, 04 Aug 2008 18:41:13 GMT
Hello users@tomcat.apache.org,

The company I recently started working at does a very interesting trick in
order to facilitate SSL/TLS connections and I am baffled as to how it
actually works.

First, some background:
===================
Tomcat Version: jakarta-tomcat-5.5.9
OS: SuSE Enterprise Linux

Brief Description of the Trick:
=====================
We deploy multiple distinct (unsecure) web applications "inside" of another
(secure) web application's deployment directory in order to achieve SSL/TLS
connections without the user being nagged about Certificate/Domain name
mismatches.  The reason for this I am told is that we only have one server
certificate for our one server IP address but we host multiple virtual
domains.  The bosses don't want the clients/end-users getting that funny
domain name mismatch nagg window when they first go to one of our hosted web
apps.
Its true!

We have one virtual host ("secure-mydomain.com") configured in our Tomcat
instance.  Its specification/declaration in server.xml is seemingly quite
normal:
<Host name="secure-mydomain.com"
          appBase="/some/directory/secure-mydomain.com">
   <Alias>www.secure-mydomain.com</Alias>
   <Valve className="org.apache.catalina.valves.AccessLogValve"
              directory="logs"
              prefix="access-secure-mydomain.com-"
              suffix=".log" pattern="combined"/>
</Host>

We have a server Certificate for "secure-mydomain.com" for which we have
defined a connector:
<Connector port="443"
                  maxHttpHeaderSize="8192"
                  maxThreads="200"
                  minSpareThreads="25"
                  maxSpareThreads="75"
                  enableLookups="false"
                  disableUploadTimeout="true"
                  acceptCount="150"
                  scheme="https"
                  secure="true"

keystoreFile="/some/other/directory/secure-mydomain.com.keystore"
                  keystorePass="none-of-your-beeswax"
                  clientAuth="false"
                  sslProtocol="TLS"/>

Now for the weird part.  Whenever our developers create a new web app which
requires SSL/TLS, they:
1.) deploy the new web app to its own (unsecure) virtual host.
2.) copy the new web app deployment directory into the secure web app's
deployment directory (/some/directory/secure-mydomain.com/).
     So, there now exists for the secure web app a directory structure such
as:
     secure-mydomain.com
          ROOT
               WEB-INF
                    web.xml
          new-web-app
               WEB-INF
                    web.xml
          another-new-web-app
               WEB-INF
                    web.xml
          yet-another-new-web-app
               WEB-INF
                    web.xml

3.) replace the new (unsecure) web app's index.jsp file with one which sends
a redirect to "www.secure-mydomain.com/new-web-app/".

Voila!  The user is redirected to the new web app under
secure-mydomain.com/new-web-app/ with a secure SSL/TLS connection and the
"new-web-app" seems to works fine.

I'm no expert at Tomcat or web app deployment.  But I have read about the
"directory structure" of J2EE compiant web applications.  It seems to me
that we are literally copying one (unsecure) web app and its entire
directory structure into another (secure) web apps directory structure.  But
everything seems to work.  Tomcat seems to recognize the deployment
descriptors of each new web app we copy into "secure-mydomain.com"'s
deployment directory.  For each "new" web app we copy into there, the new
web apps InitParameters, Listeners, contextParameters, etc. defined in each
new web apps deployment descriptor are recognized by Tomcat.  It "seems" to
work.

But how?  Is it kosher to copy one web application's deployment directory
directly "into" another web application's deployment directory?  Does this
violate the J2EE spec?  Is it recommended practice?  Can you see anything
particularly "wrong" with it?

I'd love to hear some comments as this sounds like a strange and interesting
trick to me.
-- 
Cheers,
Warren Killian
warrenkillian@gmail.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message