tomcat-users mailing list archives

Site index · List index

Message view	« Date » · « Thread »
Top	« Date » · « Thread »
From	Assaf Urieli <assaf.uri...@gmail.com>
Subject	Re: IP-based virtual hosting with useIPVHosts=true always goes to default host
Date	Fri, 15 Jun 2012 10:33:38 GMT
Hi Chris, > > On 6/8/12 11:12 AM, Assaf Urieli wrote: > > Ok, this is strange. I created a test.jsp page that prints > > request.getLocalName(), request.getServerName(), and > > request.getLocalAddr(). I tried various scenarios in the browser: > > http://domain1.com, http://www.domain1.com, http:/1.2.3.4, > > http://domain2.com, http://www.domain2.com, http://5.6.7.8, as well > > as all of the above with https. > > What /real/ URLs are you using to hit your server? I dont see a port > number anywhere. > Sorry, I was trying to keep it generic up to now to see if I was simply doing something stupid, but I'll go ahead and publish my real domains/IPs. So, my test page code is: <p>Java Version:<%= System.getProperty( "java.version" ) %> <p>Local name:<%= request.getLocalName() %> <p>Server name:<%= request.getServerName() %> <p>Local IP:<%= request.getLocalAddr() %> So, the addresses to test are: http://www.joli-ciel.com/test.jsp http://www.moyshele.com/test.jsp http://178.79.152.69/test.jsp http://176.58.107.88/test.jsp And exactly the same four, but with HTTPS: https://www.joli-ciel.com/test.jsp https://www.moyshele.com/test.jsp https://178.79.152.69/test.jsp https://176.58.107.88/test.jsp Now, every single one of these gives the exact same values for request.getLocalName() and request.getLocalAddr(). request.getLocalName(): www.joli-ciel.com request.getLocalAddr(): 178.79.152.69 And this is why, even when useIPVHosts=true, I always get the HTTPS Connector corresponding to 178.79.152.69, which gives the wrong SSL certificate for https://www.moyshele.com For info, my /etc/network/interfaces file: ********************************************** auto lo iface lo inet loopback auto eth0 eth0:0 iface eth0 inet static address 178.79.152.69 netmask 255.255.255.0 gateway 178.79.152.1 pre-up iptables-restore < /etc/iptables.conf iface eth0:0 inet static address 176.58.107.88 netmask 255.255.255.0 pre-up iptables-restore < /etc/iptables.conf ******************************************** Note (in case it's relevent) that /etc/iptables.conf is mapping port 8080 to port 80 and port 8443 to port 443 - relevent portions below: ********************************************** nat :PREROUTING ACCEPT [11:3512] :POSTROUTING ACCEPT [13:844] :OUTPUT ACCEPT [13:844] -A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443 -A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080 -A OUTPUT -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443 -A OUTPUT -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080 COMMIT ********************************************* My /etc/hosts file: ******************************************** 127.0.0.1 localhost.localdomain localhost 178.79.152.69 www.joli-ciel.com bilbo.joli-ciel.com bilbo.aplikaterm.com www.aplikaterm.com joli-ciel.com bilbo 176.58.107.88 www.moyshele.com www.flyingpencil.com moyshele.com flyingpencil.com moyshele ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters ff02::3 ip6-allhosts ******************************************** The relevent portions of my server.xml file: ******************************************** <Service name="Catalina"> <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" URIEncoding="UTF-8" redirectPort="8443" /> <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" address="178.79.152.69" keystoreFile="/home/tomcat6/.keystore1" keystorePass="****" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" URIEncoding="UTF-8" /> <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" address="176.58.107.88" keystoreFile="/home/tomcat6/.keystore2" keystorePass="****" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" URIEncoding="UTF-8" /> <Engine name="Catalina" defaultHost="localhost"> <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/> <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false"> <Alias>178.79.152.69</Alias> <Alias>aplikaterm.com</Alias> <Alias>www.aplikaterm.com</Alias> <Alias>joli-ciel.com</Alias> <Alias>www.joli-ciel.com</Alias> <Valve className="org.apache.catalina.valves.AccessLogValve" directory="/home/tomcat6/logs/joliciel" prefix="joliciel_access_log." suffix=".log" pattern="%A %h %l %u %t '%r' %s %b" resolveHosts="false"/> </Host> <Host name="moyshele.com" appBase="/usr/share/moyshele" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false"> <Alias>176.58.107.88</Alias> <Alias>moyshele.com</Alias> <Alias>www.moyshele.com</Alias> <Context path="" docBase="."/> <Valve className="org.apache.catalina.valves.AccessLogValve" directory="/home/tomcat6/logs/moyshele" prefix="moyshele_access_log." suffix=".log" pattern="%A %h %l %u %t '%r' %s %b" resolveHosts="false"/> </Host> </Engine> </Service> ******************************************** By the way, if I run netstat (with or without useIPVHosts=true), I get: ********************************************** sudo netstat -ntlp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1967/sshd tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 2082/postgres tcp6 0 0 127.0.0.1:8005 :::* LISTEN 16815/java tcp6 0 0 :::8080 :::* LISTEN 16815/java tcp6 0 0 :::22 :::* LISTEN 1967/sshd tcp6 0 0 176.58.107.88:8443 :::* LISTEN 16815/java tcp6 0 0 178.79.152.69:8443 :::* LISTEN 16815/java ************************************************
Mime	Unnamed multipart/alternative (inline, None, 0 bytes) Unnamed text/plain (inline, None, 6313 bytes)
	View raw message