tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Matthew X. Economou" <xenop...@irtnog.org>
Subject RE: Proxy Apache https to Tomcat http
Date Thu, 06 Oct 2016 11:57:41 GMT
Ted Spradley writes:

> Problem: A Tomcat application at context "/mycontext" on port 8081
> running through Apache proxy renders as expected when using
> http://example.com/mycontext but https://example.com/mycontext call
> renders "The requested URL /mycontext/ was not found on this server."

Dear Ted,

I'm running a similar configuration, using stock Apache httpd/Tomcat on
CentOS 7 to host the Shibboleth IdP.  Rather than try to proxy
HTTPS-HTTP, I'm using the AJP connector.  In the httpd configuration,
I've enabled mod_proxy_ajp and set the following in the VirtualHost
section for the IdP web site:

ProxyPass        /idp ajp://localhost:8009/idp
ProxyPassReverse /idp https://login.example.com/idp

"/idp" here being the Tomcat Catalina context.  I did not change any of
the connectors listed in server.xml.

Note that I do not allow unencrypted access to this application: I
redirect all HTTP requests to the HTTPS site, and I set a HSTS header
that signals browsers to remember this for future connection attempts. 

Best wishes,
Matthew

P.S. If you haven't already, please review
https://wiki.mozilla.org/Security/Server_Side_TLS and apply its
recommendations to your Apache httpd configuration.

-- 
"The lyf so short, the craft so longe to lerne."


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message