Tomcat 5.5.10: APR-SSL generates wrong 302 response
Hello! I've configured Tomcat 5.5.10 to use APR. The HTTP-Connector listens on port 80, the HTTPS-Connector listens on port 443. A request for https://www/tomcat-docs generates the following response: GET /tomcat-docs HTTP/1.1 Host: www User-Agent: Mozilla/5.0 (X11; U; Linux i686; de-DE; rv:1.8b4) Gecko/20050721 Firefox/1.0+ Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive HTTP/1.x 302 Moved Temporarily Server: Apache-Coyote/1.1 Location: https://www:80/tomcat-docs/ Transfer-Encoding: chunked Date: Mon, 25 Jul 2005 11:57:39 GMT Obviously this doesn't work since since the redirection response tells the browser to connect to the HTTP port using HTTPS. This problem does *not* occur if: - The request is for https://www/tomcat-docs/ (no surprise since no redirect response is generated in this case). - The HTTPS-Connector is configured to listen on port 8443 (or propably any other non-standard HTTPS-port - but I haven't tried). - APR isn't used at all. BTW: tomcat-docs is just an example. With other web-apps thre's the same problem. Regards mks - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat 5.5.10: APR-SSL generates wrong 302 response
On 7/25/05, Markus Schönhaber [EMAIL PROTECTED] wrote: Hello! I've configured Tomcat 5.5.10 to use APR. The HTTP-Connector listens on port 80, the HTTPS-Connector listens on port 443. A request for https://www/tomcat-docs generates the following response: GET /tomcat-docs HTTP/1.1 Host: www User-Agent: Mozilla/5.0 (X11; U; Linux i686; de-DE; rv:1.8b4) Gecko/20050721 Firefox/1.0+ Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive HTTP/1.x 302 Moved Temporarily Server: Apache-Coyote/1.1 Location: https://www:80/tomcat-docs/ Transfer-Encoding: chunked Date: Mon, 25 Jul 2005 11:57:39 GMT Obviously this doesn't work since since the redirection response tells the browser to connect to the HTTP port using HTTPS. This problem does *not* occur if: - The request is for https://www/tomcat-docs/ (no surprise since no redirect response is generated in this case). - The HTTPS-Connector is configured to listen on port 8443 (or propably any other non-standard HTTPS-port - but I haven't tried). - APR isn't used at all. There's indeed a cut paste error (the default ports for HTTP and HTTPS are inverted), so you need to add an extra '!': Index: Http11AprProcessor.java === RCS file: /home/cvs/jakarta-tomcat-connectors/http11/src/java/org/apache/coyote/http11/Http11AprProcessor.java,v retrieving revision 1.25 retrieving revision 1.26 diff -u -r1.25 -r1.26 --- Http11AprProcessor.java 13 Jul 2005 13:03:51 - 1.25 +++ Http11AprProcessor.java 25 Jul 2005 15:32:48 - 1.26 @@ -1422,8 +1422,8 @@ } if (colonPos 0) { -if (ssl) { -// 80 - Default HTTTP port +if (!ssl) { +// 80 - Default HTTP port request.setServerPort(80); } else { // 443 - Default HTTPS port Using proxyPort=443 should be a decent workaround. -- x Rémy Maucherat Developer Consultant JBoss Group (Europe) SàRL x - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat 5.5.10: APR-SSL generates wrong 302 response
Am Montag, 25. Juli 2005 17:39 schrieb Remy Maucherat: There's indeed a cut paste error (the default ports for HTTP and HTTPS are inverted), so you need to add an extra '!': Index: Http11AprProcessor.java === RCS file: /home/cvs/jakarta-tomcat-connectors/http11/src/java/org/apache/coyote/http1 1/Http11AprProcessor.java,v retrieving revision 1.25 retrieving revision 1.26 diff -u -r1.25 -r1.26 --- Http11AprProcessor.java 13 Jul 2005 13:03:51 - 1.25 +++ Http11AprProcessor.java 25 Jul 2005 15:32:48 - 1.26 @@ -1422,8 +1422,8 @@ } if (colonPos 0) { -if (ssl) { -// 80 - Default HTTTP port +if (!ssl) { +// 80 - Default HTTP port request.setServerPort(80); } else { // 443 - Default HTTPS port Using proxyPort=443 should be a decent workaround. Great! Thanks for the quick response. Regards mks - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]