On 28/02/2020 22:26, Martynas Jusevičius wrote:
> Yes the clients connect only directly to nginx.
>
> So the proxy config within 2 pairs of containers is like this:
>
> # website service; clientAuth=false
> nginx:80 -> tomcat:8080
> nginx:443 -> tomcat:8443
>
> # API service; clientAuth=true
> nginx-api:90 -> tomcat-api:8080
> nginx-api:5443 -> tomcat-api:8443
Try using proxyPort="5443" on the HTTPS connector in Tomcat for this
instance. That should do the trick.
Mark
>
> nginx and nginx-api ports are exposed to the Docker host and that is
> where the clients access them, therefore the host name the webapp sees
> is localhost (as in my rewrite example).
>
> What I'm trying to do is to fool the webapp on tomcat-api into
> thinking it's being accessed on localhost:80/443 instead of
> localhost:90/5443.
>
> Absolute URIs matter in this case because they are used for direct
> lookups in an RDF triplestore and RDF uses absolute URIs.
>
>
> On Fri, Feb 28, 2020 at 10:59 PM Mark Thomas <ma...@apache.org> wrote:
>>
>> On 28/02/2020 21:00, Martynas Jusevičius wrote:
>>> Setting up a second container with a different port was easy enough.
>>>
>>> However I got stuck on the URL mapping/rewriting. Using nginx as a
>>> proxy, I don't think it's possible to rewrite headers with the
>>> upstream module:
>>> https://nginx.org/en/docs/http/ngx_http_upstream_module.html
>>>
>>> As I understand it just forwards raw traffic, so the URL rewriting
>>> would have to be done on the Tomcat's side. Basically I want to
>>> rewrite:
>>>
>>> https://localhost:5443/ => https://localhost/
>>>
>>> which requires rewriting the Host request header, I think.
>>>
>>> I was looking at the RewriteValve, but it says:
>>> "Unlike newer mod_rewrite versions, the Tomcat rewrite valve does not
>>> automatically support absolute URLs (the specific redirect flag must
>>> be used to be able to specify an absolute URLs, see below) or direct
>>> file serving."
>>>
>>> Is there a way to rewrite the hostname/port in configuration?
>>> Something placed in context.xml would be ideal.
>>
>>
>> What port is nginx listening on?
>>
>> What port is Tomcat listening on?
>>
>> I assume the client connects directly to nginx.
>>
>> Mark
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
