[prev in list] [next in list] [prev in thread] [next in thread]
List: tomcat-user
Subject: Re: With tomcat 5 redirects to a secure port fails
From: Paul Singleton <paul () jbgb ! com>
Date: 2005-08-31 21:53:38
Message-ID: 431626E2.9080102 () jbgb ! com
[Download RAW message or body]
Julie Moore wrote:
> I have been looking al over for an explanation to what I am seeing. If I
> hit my site with https I get my secure page displayed if I hit it with
> http it is set up to redirect to https.
How is it set up? I believe this can only be done with
a client-side redirect, but you do not show us the page
which does this.
(If someone visits your site using HTTP you cannot
respond using HTTPS: you have to persuade them to redo
the request using HTTPS)
> The problem is the redirect is
> trying to use the internal IP address in the URL
> (https://10.0.0.4/login.jsp) not the URL with the "www." defined.
OK but I can't see that it is Tomcat which is responsible
for this: the config details you supply look plausible but
are irrelevant.
Check your web.xml for the site's welcome page, then check
the content of this page.
Paul Singleton
> We had this set up in tomcat 4 and the external users who where
> redirected were able to get the secure page from "http://www." but now
> this does not work.
>
> I have looked at all the Tomcat 5 SSL sites that have come up on a
> number of searches but I do not see this problem addressed.
>
> Julie
>
> -----Original Message-----
> From: Julie Moore [mailto:jmoore@orchardsoft.com]
> Sent: Monday, August 29, 2005 1:50 PM
> To: tomcat-user@jakarta.apache.org
> Subject: With tomcat 5 redirects to a secure port the connection fails
>
>
>
> I have updated a site from tomcat 4 to tomcat 5 and my link that used to
> redirect to a secure site now fails. I see the webpage tying to connect
> with my internal IP address instead of the external URL that the request
> came in one. If I connect to https://www.x.com and hit the link to the
> secure page my page displays correctly. But if I hit it from
> http://www.x.com <http://www.x.com/> the secure page does not display.
>
>
>
> The page that displays has not changed. It has a relative link to the
> webapp that I want to have as secure.
>
>
>
> I have the server.xml connectors defined:
>
>
>
> <Connector port="80" minThreads="150" maxSpareThreads="75"
> minSpareThreads="25"
>
> enableLookups="true" redirectPort="443"
>
> acceptCount="100" debug="0" connectionTimeout="20000"
>
> disableUploadTimeout="true" />
>
>
>
>
>
> <!-- Define a SSL Coyote HTTP/1.1 Connector on port 443 -->
>
>
>
>
>
> <Connector port="443" maxHttpHeaderSize="8192"
>
> maxThreads="150" minSpareThreads="25"
> maxSpareThreads="75"
>
> enableLookups="false" disableUploadTimeout="true"
>
> acceptCount="100" scheme="https" secure="true"
>
> clientAuth="false" sslProtocol="TLS"
> keystoreFile="c:\tomcat\conf\keystore.ks" />
>
>
>
> and the following in the web.xml of my application I wish to have
> available only as secure:
>
>
>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>Entire Application</web-resource-name>
> <url-pattern>/*</url-pattern>
> </web-resource-collection>
> <user-data-constraint>
> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
> </user-data-constraint>
> </security-constraint>
>
>
> What have I missed?
> Jmoore
>
>
>
>
>
>
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>
--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.344 / Virus Database: 267.10.17/85 - Release Date: 30/Aug/2005
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic