Tomcat 5.5.10: APR-SSL generates wrong 302 response
Hello! I've configured Tomcat 5.5.10 to use APR. The HTTP-Connector listens on port 80, the HTTPS-Connector listens on port 443. A request for https://www/tomcat-docs generates the following response: GET /tomcat-docs HTTP/1.1 Host: www User-Agent: Mozilla/5.0 (X11; U; Linux i686; de-DE; rv:1.8b4) Gecko/20050721 Firefox/1.0+ Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive HTTP/1.x 302 Moved Temporarily Server: Apache-Coyote/1.1 Location: https://www:80/tomcat-docs/ Transfer-Encoding: chunked Date: Mon, 25 Jul 2005 11:57:39 GMT Obviously this doesn't work since since the redirection response tells the browser to connect to the HTTP port using HTTPS. This problem does *not* occur if: - The request is for https://www/tomcat-docs/ (no surprise since no redirect response is generated in this case). - The HTTPS-Connector is configured to listen on port 8443 (or propably any other non-standard HTTPS-port - but I haven't tried). - APR isn't used at all. BTW: tomcat-docs is just an example. With other web-apps thre's the same problem. Regards mks - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat 5.5.10: APR-SSL generates wrong 302 response
On 7/25/05, Markus Schönhaber [EMAIL PROTECTED] wrote:
Hello!
I've configured Tomcat 5.5.10 to use APR. The HTTP-Connector listens on port
80, the HTTPS-Connector listens on port 443. A request for
https://www/tomcat-docs
generates the following response:
GET /tomcat-docs HTTP/1.1
Host: www
User-Agent: Mozilla/5.0 (X11; U; Linux i686; de-DE; rv:1.8b4) Gecko/20050721
Firefox/1.0+
Accept:
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
HTTP/1.x 302 Moved Temporarily
Server: Apache-Coyote/1.1
Location: https://www:80/tomcat-docs/
Transfer-Encoding: chunked
Date: Mon, 25 Jul 2005 11:57:39 GMT
Obviously this doesn't work since since the redirection response tells the
browser to connect to the HTTP port using HTTPS.
This problem does *not* occur if:
- The request is for https://www/tomcat-docs/ (no surprise since no redirect
response is generated in this case).
- The HTTPS-Connector is configured to listen on port 8443 (or propably any
other non-standard HTTPS-port - but I haven't tried).
- APR isn't used at all.
There's indeed a cut paste error (the default ports for HTTP and
HTTPS are inverted), so you need to add an extra '!':
Index: Http11AprProcessor.java
===
RCS file:
/home/cvs/jakarta-tomcat-connectors/http11/src/java/org/apache/coyote/http11/Http11AprProcessor.java,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -r1.25 -r1.26
--- Http11AprProcessor.java 13 Jul 2005 13:03:51 - 1.25
+++ Http11AprProcessor.java 25 Jul 2005 15:32:48 - 1.26
@@ -1422,8 +1422,8 @@
}
if (colonPos 0) {
-if (ssl) {
-// 80 - Default HTTTP port
+if (!ssl) {
+// 80 - Default HTTP port
request.setServerPort(80);
} else {
// 443 - Default HTTPS port
Using proxyPort=443 should be a decent workaround.
--
x
Rémy Maucherat
Developer Consultant
JBoss Group (Europe) SàRL
x
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat 5.5.10: APR-SSL generates wrong 302 response
Am Montag, 25. Juli 2005 17:39 schrieb Remy Maucherat:
There's indeed a cut paste error (the default ports for HTTP and
HTTPS are inverted), so you need to add an extra '!':
Index: Http11AprProcessor.java
===
RCS file:
/home/cvs/jakarta-tomcat-connectors/http11/src/java/org/apache/coyote/http1
1/Http11AprProcessor.java,v retrieving revision 1.25
retrieving revision 1.26
diff -u -r1.25 -r1.26
--- Http11AprProcessor.java 13 Jul 2005 13:03:51 - 1.25
+++ Http11AprProcessor.java 25 Jul 2005 15:32:48 - 1.26
@@ -1422,8 +1422,8 @@
}
if (colonPos 0) {
-if (ssl) {
-// 80 - Default HTTTP port
+if (!ssl) {
+// 80 - Default HTTP port
request.setServerPort(80);
} else {
// 443 - Default HTTPS port
Using proxyPort=443 should be a decent workaround.
Great! Thanks for the quick response.
Regards
mks
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
