Hi all,

I have a vendor-supplied application here that is bundled with Microsoft IIS 5 and Tomcat version 4.1.29. Our hosting infrastructure employs proxy servers and external SSL acceleration hardware in front of the Tomcat server and needs to pass scheme and secure information back to our clients. To do this I have specified the following in server.xml:

    <!-- Define a Coyote/JK2 AJP 1.3 Connector on port 8009 -->
    <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
               port="8009" minProcessors="5" maxProcessors="75"
               enableLookups="true" redirectPort="8443"
               acceptCount="10" debug="0" connectionTimeout="20000"
               useURIValidationHack="false"
               proxyPort="443" scheme="https" secure="true" proxyName="my.com"
               protocolHandlerClassName="org.apache.jk.server.JkCoyoteHandler"/>

    <!-- Define an AJP 1.3 Connector on port 8009 -->

Unfortunately, Tomcat seems to ignore these settings upon redirects. Tracing the response of the server shows that the protocol http is passed back to clients instead of https (other settings like proxyport and proxyname are passed back correctly):

    No.  Time      Source         Destination    Protocol  Info
    172  4.476556  10.124.83.148  10.124.83.140  HTTP      HTTP/1.1 302 Moved Temporarily

    Frame 172 (544 bytes on wire, 544 bytes captured)
        Arrival Time: Jun 22, 2005 15:03:49.804862000
        Time delta from previous packet: 0.288105000 seconds
        Time since reference or first frame: 4.476556000 seconds
        Frame Number: 172
        Packet Length: 544 bytes
        Capture Length: 544 bytes
    Ethernet II, Src: 00:08:02:a1:b0:6b, Dst: 00:08:02:f0:94:01
        Destination: 00:08:02:f0:94:01 (CompaqCo_f0:94:01)
        Source: 00:08:02:a1:b0:6b (CompaqCo_a1:b0:6b)
        Type: IP (0x0800)
    Internet Protocol, Src Addr: 10.124.83.148 (10.124.83.148), Dst Addr: 10.124.83.140 (10.124.83.140)
        Version: 4
        Header length: 20 bytes
        Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
            0000 00.. = Differentiated Services Codepoint: Default (0x00)
            .... ..0. = ECN-Capable Transport (ECT): 0
            .... ...0 = ECN-CE: 0
        Total Length: 530
        Identification: 0x2e08 (11784)
        Flags: 0x04 (Don't Fragment)
            0... = Reserved bit: Not set
            .1.. = Don't fragment: Set
            ..0. = More fragments: Not set
        Fragment offset: 0
        Time to live: 128
        Protocol: TCP (0x06)
        Header checksum: 0x0ec6 (correct)
        Source: 10.124.83.148 (10.124.83.148)
        Destination: 10.124.83.140 (10.124.83.140)
    Transmission Control Protocol, Src Port: http (80), Dst Port: 4184 (4184), Seq: 90, Ack: 931, Len: 490
        Source port: http (80)
        Destination port: 4184 (4184)
        Sequence number: 90 (relative sequence number)
        Next sequence number: 580 (relative sequence number)
        Acknowledgement number: 931 (relative ack number)
        Header length: 20 bytes
        Flags: 0x0018 (PSH, ACK)
            0... .... = Congestion Window Reduced (CWR): Not set
            .0.. .... = ECN-Echo: Not set
            ..0. .... = Urgent: Not set
            ...1 .... = Acknowledgment: Set
            .... 1... = Push: Set
            .... .0.. = Reset: Not set
            .... ..0. = Syn: Not set
            .... ...0 = Fin: Not set
        Window size: 16590
        Checksum: 0x69aa (correct)
    Hypertext Transfer Protocol
        HTTP/1.1 302 Moved Temporarily\r\n
            Response Code: 302
        Server: Microsoft-IIS/5.0\r\n
        Date: Wed, 22 Jun 2005 13:03:49 GMT\r\n
        pragma: no-cache\r\n
        Cache-Control: no-store\r\n
        Expires: Thu, 01 Jan 1970 00:00:00 GMT\r\n
        Set-Cookie: remember=false; Expires=Fri, 22-Jul-2005 13:03:50 GMT\r\n
        Set-Cookie: loginuser=; Expires=Thu, 01-Jan-1970 00:00:10 GMT\r\n
        Set-Cookie: loginpass=; Expires=Thu, 01-Jan-1970 00:00:10 GMT\r\n
        Location: http://my.com:443/oaa/appmenu.jsp\r\n
        Content-Type: text/html;charset=UTF-8\r\n
        Content-Length: 0\r\n
        \r\n

I have found a similar bug in the Bugzilla database (http://issues.apache.org/bugzilla/show_bug.cgi?id=17656) for version 4.1.18 which is resolved. However, a user states in the bug report that the bug is still present in version 4.1.24. I wonder if it has been really fixed or I still have this bug in version 4.1.29.

Zsolt