tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alessandro Novarini <anovarin...@gmail.com>
Subject Tomcat as https proxy
Date Wed, 14 Dec 2011 23:02:21 GMT
Hello all,

My current client has web application deployed on tomcat that acts as an
http proxy recording all the responses from remote web services in order to
work "off-line" when needed.

The problem they asked me to solve is with a service that uses the https
protocol.
When I configure the application to talk via https to the "custom" proxy,
it gets in return a return code of 400 (Bad Request).

Enabling the access log on tomcat, done setting the valve for the host, I
can see that the verb used during the first call is CONNECT.
This is fine, as the https proxy should first ask the proxy for a port and
then tunnel the communication encrypted.

I tried to debug the HttpConnector and neighbourhood, and as far as I can
understand, the class org.apache.catalina.connector.CoyoteAdapter, gets an
url like www.gmail.com:443, that it can't normalize.

In other parts of the code (org.apache.coyote.http11.Http11Processor maybe?
I don't have the code with me right now) I see checks on the http verb used
in the communication, but it only checks whether this is GET or POST.

Is it correct to think that this kind of usage of tomcat is improper? To me
it would be better to add the custom behaviour to a stand-alone proxy
instead of trying to work (or even worse patching the code) with tomcat.

What do you think? Does anybody have some experience to share about it?

Thanks in advance
Alessandro Novarini

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message