date:20240508

Re: Regarding Tomcat url redirection

2024-05-08 Thread Christopher Schultz


Lavanya,

On 5/8/24 06:48, lavanya tech wrote:

I figured out how I can it make it work with 443. Now the URls are working.
I added iptables route 443 to 8443 and it started working.

nslookup example.lbg.com

Non-authoritative answer:
Name:server.lbg.com
Address:  192.168.200.105
Aliases:  example.lbg.com


I have some application towl running with apache tomcat. I have the below
URLs working.

https://server.lbg.com:8443/towl
https://server.lbg.com
https://example.lbg.com
https://example.lbg.com/towl


Now i wanted to disable the url https://example.lbg.com/towl and
https://server.lbg.com and access only the other remaining two.


Is that a typo? You want specifically https://server.lbg.com/towl and 
https://example.lbg.com/ to point to your application?


I would *highly* recommend that you pick either /towl or / and not try 
to do both, unless you want to deploy the application twice (which is 
fine, just deploy towl.war and ROOT.war as copies of each other). If you 
try to re-write /towl to / or / to /towl, you'll find you spend the rest 
of your days tracking-down edge-cases and "fixing" them -- likely making 
things confusing and, probably, worse.



In the end our goal to makesure that the links are not  always dead as soon
as the towl is moved to a new machine. Can you pelase assit me how to do
that?


The goal should be that "moving" the application only means changing DNS 
and everything else works as expected.


If you:

1. Deploy the application with a single context (e.g. /towl, which I 
recommend)


2. Re-direct / to /towl (this requires a reverse-proxy or a ROOT 
application that does nothing but redirect ; my personal preference)


3. Do not define any  other than "localhost" and make it the 
default. Do not bother with any  elements since they are not 
necessary.


Moving the application should only require that you:

4. Deploy the same application with the same configuration in the new 
location


5. Change DNS to point example.lbg.com and server.lbg.com to the new 
location of the service


Hope that helps,
-chris


On Tue, Apr 30, 2024 at 5:44 PM Christopher Schultz <
ch...@christopherschultz.net> wrote:


Lavanya,

On 4/30/24 07:10, lavanya tech wrote:

Can you tell me how to do the below ? How should I setup Tomcat in
server.xml ?


If you want to use port 443 (the default port for HTTPS) then you will
need to change Tomcat to bind to port 443 (if that's allowed on your OS)
or arrange to have port 443 routed to port 8443. You may need additional
configuration in Tomcat (specifically: proxyPort) to avoid having Tomcat
generate URLs with ":8443" in them.

Looking forward to your reply.


If Tomcat is listening on port 8443 then you will need to include that
in your URL, period. If you want to allow URLs without a port number,
you will have to arrange to have something listening on port 443.

On Windows, Tomcat can listen directly on port 443. On UNIX and
UNIX-like systems, you won't be able to do this without running Tomcat
as root WHICH YOU ABSOLUTELY SHOULD NOT DO.

There are other ways to get port 443 working, but I'll need to know more
about your environment. The port issue is "easier" than figuring out
whatever is going on with your DNS, aliases, etc. so I would recommend
we fix one thing at a time.

-chris


On Mon, Apr 29, 2024 at 2:03 PM lavanya tech 
wrote:


Hi Chris,

There is no issues with browser, because I tested with different

browsers

and it all works fine. I am sure that there is no issue with the
certificate.
   Because I was able to establish successful connections with port

8443, it

just doesnot work with out port

   curl  https://example.lbg.com/towl
curl: (56) Received HTTP code 504 from proxy after CONNECT
curl: (56) Received HTTP code 504 from proxy after CONNECT


If you want to use port 443 (the default port for HTTPS) then you will
need to change Tomcat to bind to port 443 (if that's allowed on your OS)
or arrange to have port 443 routed to port 8443. You may need additional
configuration in Tomcat (specifically: proxyPort) to avoid having Tomcat
generate URLs with ":8443" in them.



should i use connect port like the above ?  But you mentioned before we
dont need any configuration changes. Please clarify I am not able to

figure

this out and I have this issue many days pending. How to make it work

with

port 8443 and with out port

Also I wanted to use weburl with alias name permanently instead of the
hostname. How can I achieve both

Thanks,
Lavanya


-->


On Fri, Apr 26, 2024 at 9:28 PM Christopher Schultz <
ch...@christopherschultz.net> wrote:


Lavanya,

On 4/25/24 07:24, lavanya tech wrote:

Hi Chris,

One question / doubt:

As I mentioned earlier, the below URLS already working in the browser

https://server.lbg.com:8443/towl
https://example.lbg.com:8443/towl -> redirect ( which means when I

hit in

browser) it points to https://server.lbg.com:8443/towl ---> To be

frank,

even I donot need redirect here, not sure why it redirects.

Re: Regarding Tomcat url redirection

2024-05-08 Thread lavanya tech

Hello Chris,

I figured out how I can it make it work with 443. Now the URls are working.
I added iptables route 443 to 8443 and it started working.

nslookup example.lbg.com

Non-authoritative answer:
Name:server.lbg.com
Address:  192.168.200.105
Aliases:  example.lbg.com


I have some application towl running with apache tomcat. I have the below
URLs working.

https://server.lbg.com:8443/towl
https://server.lbg.com
https://example.lbg.com
https://example.lbg.com/towl


Now i wanted to disable the url https://example.lbg.com/towl and
https://server.lbg.com and access only the other remaining two.

In the end our goal to makesure that the links are not  always dead as soon
as the towl is moved to a new machine. Can you pelase assit me how to do
that ?

Thanks,
Lavanya

On Tue, Apr 30, 2024 at 5:44 PM Christopher Schultz <
ch...@christopherschultz.net> wrote:

> Lavanya,
>
> On 4/30/24 07:10, lavanya tech wrote:
> > Can you tell me how to do the below ? How should I setup Tomcat in
> > server.xml ?
> >
> >
> > If you want to use port 443 (the default port for HTTPS) then you will
> > need to change Tomcat to bind to port 443 (if that's allowed on your OS)
> > or arrange to have port 443 routed to port 8443. You may need additional
> > configuration in Tomcat (specifically: proxyPort) to avoid having Tomcat
> > generate URLs with ":8443" in them.
> >
> > Looking forward to your reply.
>
> If Tomcat is listening on port 8443 then you will need to include that
> in your URL, period. If you want to allow URLs without a port number,
> you will have to arrange to have something listening on port 443.
>
> On Windows, Tomcat can listen directly on port 443. On UNIX and
> UNIX-like systems, you won't be able to do this without running Tomcat
> as root WHICH YOU ABSOLUTELY SHOULD NOT DO.
>
> There are other ways to get port 443 working, but I'll need to know more
> about your environment. The port issue is "easier" than figuring out
> whatever is going on with your DNS, aliases, etc. so I would recommend
> we fix one thing at a time.
>
> -chris
>
> > On Mon, Apr 29, 2024 at 2:03 PM lavanya tech 
> > wrote:
> >
> >> Hi Chris,
> >>
> >> There is no issues with browser, because I tested with different
> browsers
> >> and it all works fine. I am sure that there is no issue with the
> >> certificate.
> >>   Because I was able to establish successful connections with port
> 8443, it
> >> just doesnot work with out port
> >>
> >>   curl  https://example.lbg.com/towl
> >> curl: (56) Received HTTP code 504 from proxy after CONNECT
> >> curl: (56) Received HTTP code 504 from proxy after CONNECT
> >>
> >>
> >> If you want to use port 443 (the default port for HTTPS) then you will
> >> need to change Tomcat to bind to port 443 (if that's allowed on your OS)
> >> or arrange to have port 443 routed to port 8443. You may need additional
> >> configuration in Tomcat (specifically: proxyPort) to avoid having Tomcat
> >> generate URLs with ":8443" in them.
> >>
> >>  >> connectionTimeout="2"
> >> redirectPort="8443"
> >> maxThreads="150"
> >> scheme="https" secure="true" SSLEnabled="true"
> >> keystoreFile="path_to_your_keystore_file"
> >> keystorePass="your_keystore_password"
> >> keystoreType="PKCS12"
> >> clientAuth="false" sslProtocol="TLS"
> >> proxyPort="443"/>
> >>
> >> should i use connect port like the above ?  But you mentioned before we
> >> dont need any configuration changes. Please clarify I am not able to
> figure
> >> this out and I have this issue many days pending. How to make it work
> with
> >> port 8443 and with out port
> >>
> >> Also I wanted to use weburl with alias name permanently instead of the
> >> hostname. How can I achieve both
> >>
> >> Thanks,
> >> Lavanya
> >>
> >>
> >>-->
> >>
> >>
> >> On Fri, Apr 26, 2024 at 9:28 PM Christopher Schultz <
> >> ch...@christopherschultz.net> wrote:
> >>
> >>> Lavanya,
> >>>
> >>> On 4/25/24 07:24, lavanya tech wrote:
>  Hi Chris,
> 
>  One question / doubt:
> 
>  As I mentioned earlier, the below URLS already working in the browser
> > https://server.lbg.com:8443/towl
> > https://example.lbg.com:8443/towl -> redirect ( which means when I
> >>> hit in
>  browser) it points to https://server.lbg.com:8443/towl ---> To be
> >>> frank,
>  even I donot need redirect here, not sure why it redirects.
> 
>  My question is why its working even though SAN is not registered with
> >>> the
>  certificate ? It doesnot even throw warning in the browser.
> >>>
> >>> I'm not sure. Is it possible you have dismissed this error in the past
> >>> and the browser is remembering that? Try this with a different web
> >>> browser or maybe with curl from the command-line to see what happens.
> >>>
>  Why https://server.lbg.com/towl or https://example.lbg.com/towl -->
> >>> How it
>  should work with New SAN certificate

Re: Regarding Tomcat url redirection

Re: Regarding Tomcat url redirection

2 matches

Site Navigation

Mail list logo

Footer information