Stop Tomcat over non-SSL connection with Apache2/JK2
I'm setting up a simple Apache 2/Tomcat4 configuration with Mod_JK2 and SSL. Without using SSL, I got going pretty quickly with Apache 2/Tomcat 4/JK2. i.e. I could go to http://hostname/gwise/blah (where gwise was a tomcat webapp) and that worked fine. I then introduced SSL, and I could then go to https://hostname/gwise/blah fine as well. The problem, is that I do *NOT* want the webapp available over the non-SSL connection. In the VirtualHost section in Apache 2 where I defined the SSL VirtualHost, I put a JkUriSet command, but the tomcat apps were still available over port 80 (non-SSL) - even though there was no other mention of tomcat elsewhere in the Apache config - or anything in workers2.properties. What do I need to do to only have tomcat apps available over SSL ? I'm using Apache v2.0.49, mod_ssl v2.0.49, mod_jk2 v2.04 and tomcat v4.1.29 Thanks, GTG Gordon Ross, Network Manager/Rheolwr Rhydwaith Countryside Council for Wales/Cyngor Cefn Gwlad Cymru - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Stop Tomcat over non-SSL connection with Apache2/JK2
Gordon Ross wrote: The problem, is that I do *NOT* want the webapp available over the non-SSL connection. In the VirtualHost section in Apache 2 where I defined the SSL VirtualHost, I put a JkUriSet command, but the tomcat apps were still available over port 80 (non-SSL) - even though there was no other mention of tomcat elsewhere in the Apache config - or anything in workers2.properties. I had the same problem. Guess the virtual host support is not as good in connection with JkUriSet as we thought. I also tried to put some Mappings in http vhost only, some only https vhost. But JkUriSet seemed to ignore that. What do I need to do to only have tomcat apps available over SSL ? The solution is that you explicitly deny the UriMappings in your http vhost as Apache will block them before mod_jk comes in. e.g. something like Location ... Order Deny,Allow Deny from All /Location but check the Apache documentation for details. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
