tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Eggers <its_toas...@yahoo.com.INVALID>
Subject Re: Setting up Tomcat behind an existing Apache httpd server (on Amazon Linux 2)
Date Mon, 06 Apr 2020 22:44:45 GMT
James,

On 4/6/2020 3:09 PM, James H. H. Lampert wrote:
> First of all, thank you, Mr. Malcom, Herr Kreuser, and Mr. Eggers.
> 
> One thing I will note is that near as I can tell, mod_proxy and
> mod_proxy_http are already present on the system (I can find
> "mod_proxy.so" and "mod_proxy_http.so"), but mod_jk does not appear to
> be present (no sign of a "mod_jk.so" anywhere).
> 
> Second, we do indeed have an "00-ssl.conf" file in conf.modules.d, and
> an "ssl.conf" in conf.d. The conf.d directory also has .conf files for
> all the domain names, in the form domain.conf and domain-le-ssl.conf,
> each containing the VirtualHost configurations for the various domains.
> 
> Now obviously, the very last thing I want to do is disrupt the existing
> web sites being served.
> 
> Mr. Eggers: Not quite sure I understand the "No virtual host for now"
> bit, at the top of your sample proxy configuration; I thought everything
> in httpd had to be in a virtual host.
> 
> Something I just noticed myself: if I go to http://www.baz.com, it
> *doesn't* immediately redirect me to https://www.baz.com, but if I go to
> http://www.foo.com or http://www.bar.com, it *does* immediately switch
> me to https. This seems like some sort of an oversight by my colleague,
> who configured the sites.
> 
> From what I can see, "mod_proxy" seems easier to set up (and one less
> thing to download); what are the disadvantages, if any?
> 
> -- 
> JHHL

I iust meant that my example didn't have a virtual host. In your
requirement, you'd probably put the LoadModule and <Proxy>
configurations in the main httpd.conf section so it'll be inherited by
the named virtual hosts.

In each named virtual host, you would then place the ProxyPass /
ProxyPassReverse pairs for a targeted (named) host. You could even have
one Apache HTTPD talk to different back-end Tomcats (one for each named
host in domain-le-ssl.conf).

There are a lot of ways to slice and dice this. It all depends on your
requirements.

. . . just my two cents
/mde/


Mime
View raw message