tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Assaf Urieli <assaf.uri...@gmail.com>
Subject Re: IP-based virtual hosting with useIPVHosts=true always goes to default host
Date Thu, 14 Jun 2012 12:52:46 GMT
Thanks Mark & Konstantin for your replies.

I'm still having no luck here.
I've tried to apply all of Mark's suggestions to Ubuntu.
SAN certificates are not currently an option for me (because of pricing,
and also because the two domains do not officially belong to the same legal
entity).

My question is:
* When an HTTP/HTTPS request is made, when and how do
request.getLocalName() and request.getLocalAddr() get filled in?

Note that in my case, http://1.2.3.4 and http:/5.6.7.8 are directed to the
correct server, but they are always getting the following settings:
* request.getLocalAddr():  the IP address from the primary interface in
/etc/network/interfaces
* request.getLocalName(): the name corresponding to the primary interface
IP from /etc/hosts

Rgds,
Assaf

PS, regarding Mark's info, I posted my /etc/network/interfaces file in a
previous post.
The only change I made now is that I removed the gateway from the second
interface (see updated file below).
All interfaces come up correctly, and I can ping both gateways.

My updated interfaces file below:
********************************
auto lo
iface lo inet loopback

auto eth0 eth0:0

iface eth0 inet static
 address 1.2.3.4
 netmask 255.255.255.0
 gateway 1.2.3.1
        pre-up iptables-restore < /etc/iptables.conf

iface eth0:0 inet static
 address 5.6.7.8
 netmask 255.255.255.0
        pre-up iptables-restore < /etc/iptables.conf
********************************

I've also updated server.xml to contain only 3 connectors.
Only one for HTTP (name-based virtual hosting) - no address, and
useIPVHosts = false:
<Connector port="8080" protocol="HTTP/1.1" useIPVHosts="false"
               connectionTimeout="20000"
               URIEncoding="UTF-8"
               redirectPort="8443" />

And as before, for HTTPS for address 1.2.3.4:
  <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
address="1.2.3.4"
           keystoreFile="/home/tomcat6/.
keystore1" keystorePass="xxxxxx"
           maxThreads="150" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS" URIEncoding="UTF-8"
useIPVHosts="true" />

And one for HTTPS for address 5.6.7.8:
    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
address="5.6.7.8"
           keystoreFile="/home/tomcat6/.keystore2" keystorePass="xxxxxx"
           maxThreads="150" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS" URIEncoding="UTF-8"
useIPVHosts="true" />

>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message