tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: redirect request from 8080 to port 80
Date Wed, 15 May 2013 13:16:55 GMT
Ognjen Blagojevic wrote:
> Anil,
> 
> On 15.5.2013 13:42, Anil Goyal -X (anigoyal - Aricent Technologies at 
> Cisco) wrote:
>> We are using tomcat version 7.0.25 and in server.xml, we have two 
>> connector port defined:80 (http)and 443(https).
>> In /etc/sysconfig/iptables, we have redirect logic written that will 
>> redirect the request coming at port 8080 to port 80, and request 
>> coming at port 8443 to 443.
>> -A PREROUTING -p tcp -m tcp --dport 8443 -j REDIRECT --to-ports 443
>> -A PREROUTING -p tcp -m tcp --dport 8080 -j REDIRECT --to-ports 80
> 
> Your configuration is a bit unusual. You have Tomcat running on port 80, 
> but you add prerouting rule to iptables, so that Tomcat will also 
> respond to port 8080, right? Would you explain what is your motivation 
> for such configuration?
> 
> 
>> Now when I hit the url 'http://request-uri:8080/context, then I am 
>> getting the desire response. I have below query:
>>
>> 1.       Will the request firstly go to iptables before tomcat ?
> 
> Yes.
> 
> 
>> 2.       If request firstly go to iptable then it check that 8080 is 
>> redirect to port 80 then url change to 'http://request-uri:80/context' 
>> and it then land to tomcat and tomcat respond to it. Now in tomcat 
>> access logs, the requesting port corresponding to this request is 
>> 8080. So why it is 8080 in tomcat access logs.? Please revert on this. 
>> I think because iptables redirect 8080 to 80 so tomcat receives the 
>> request at port 80 so in tomcat access logs, requestiong port should 
>> be 80.
> 
> Iptables will not change the URL. Iptables merely redirects all packets 
> received on port 8080 to port 80. It will not alter the contents of the 
> packets. Therefore, Tomcat will receive your HTTP request as it is sent 
> by your browser -- which means it will contain port 8080 and not port 
> 80. Tomcat processes the requests and logs the port as it is received, 
> and that is 8080.

Sorry, but that seems dubious to me.
Tomcat does not really "receive the URL" as sent.  Tomcat (supposedly) gets this 
connection on its port 80, and in principle has no idea that the original client 
connection was to port 8080, no ?


> 
> BTW, AccessLogValve does not log port by default, I assume you are using 
> your own logging pattern.
> 
> -Ognjen
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message