Re: Virtual Hosting, HTTP 302 to HTTPS?

2016-02-01 Thread Björn Raupach 

> On 01 Feb 2016, at 17:30, Mark Thomas  wrote:
> 
> On 01/02/2016 15:27, Björn Raupach wrote:
>>> On 01 Feb 2016, at 16:20, Mark Thomas  wrote:
>>> On 1 February 2016 14:07:57 GMT+00:00, "Björn Raupach"  
>>> wrote:
> 
> 
> 
 Do I need a Apache HTTPD fronted? 
>>> 
>>> No.  The name of your virtual host (or one of its aliases) must match the 
>>> host header. If they don't match the default host will be used.
>>> 
>>> Given that you've already told us one of the real host names, you might as 
>>> well show us the real configuration and the real request if you need help 
>>> spotting the configuration error.
>> 
>> And here I am trying to be smart. ;)
>> 
>> srv.grasmueck.de 
>> isiee.grasmueck.de 
> 
> 
> 
>>  >unpackWARs="true" autoDeploy="true">
> 
> 
> 
>>  
>> 
>>  >unpackWARs="true" autoDeploy="true">
> 
> 
> 
>>  
>>
>>  
>> 
> 
> To repeat: The name of your virtual host (or one of its aliases) must
> match the host header.
> 
> You should be using
> 
> and
> 

Thank you for being so patient. This worked!

> 
> Mark
> 
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Virtual Hosting, HTTP 302 to HTTPS?

2016-02-01 Thread Mark Thomas 
On 01/02/2016 15:27, Björn Raupach wrote:
>> On 01 Feb 2016, at 16:20, Mark Thomas  wrote:
>> On 1 February 2016 14:07:57 GMT+00:00, "Björn Raupach"  
>> wrote:



>>> Do I need a Apache HTTPD fronted? 
>>
>> No.  The name of your virtual host (or one of its aliases) must match the 
>> host header. If they don't match the default host will be used.
>>
>> Given that you've already told us one of the real host names, you might as 
>> well show us the real configuration and the real request if you need help 
>> spotting the configuration error.
> 
> And here I am trying to be smart. ;)
> 
> srv.grasmueck.de 
> isiee.grasmueck.de 



>unpackWARs="true" autoDeploy="true">



>   
> 
>unpackWARs="true" autoDeploy="true">



>   
> 
>   
> 

To repeat: The name of your virtual host (or one of its aliases) must
match the host header.

You should be using

and


Mark


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Virtual Hosting, HTTP 302 to HTTPS?

2016-02-01 Thread Björn Raupach 

> On 01 Feb 2016, at 16:29, Jeffrey Janner  wrote:
> 
>> -Original Message-
>> From: Mark Thomas [mailto:ma...@apache.org]
>> Sent: Monday, February 01, 2016 9:21 AM
>> To: Tomcat Users List 
>> Subject: Re: Virtual Hosting, HTTP 302 to HTTPS?
>> 
>> On 1 February 2016 14:07:57 GMT+00:00, "Björn Raupach" 
>> wrote:
>>> Dear group,
>>> 
>>> I have two web applications (a,b) that are both reachable via
>>> subdomains:
>>> 
>>> a.example.com <http://a.example.com/>
>>> b.example.com <http://b.example.com/>
>>> 
>>> For b.example.com <http://b.example.com/> exists a SSL certificate.
>>> a.example.com <http://a.example.com/> does not need SSL.
>>> The HTTPS connector uses a a Java keystore with the certificate.
>>> 
>>> I configured Apache Tomcat 8.0.20 with Virtual Hosting.
>>> 
>>> CATALINA_HOME/webapps_a
>>> CATALINA_HOME/webapps_b
>>> 
>>> The server.xml has been adjusted.
>>> 
>>> 
>>> 
>>> 
>>>  ...
>>> 
>>> 
>>> 
>>>  ...
>>> 
>>> 
>>> 
>>> 
>>> Both web apps are deployed using ROOT.war. They get unpacked and there
>>> are no errors in the log files.
>>> 
>>> Here is my problem. b works fine, but I can't reach a.
>>> 
>>> curl -I http://a.example.com <http://a.example.com/>
>>> HTTP/1.1 302 Found
>>> Server: Apache-Coyote/1.1
>>> Cache-Control: private
>>> Expires: Thu, 01 Jan 1970 01:00:00 CET
>>> Location: https://a.example.com <https://a.example.com/>
>>> Content-Length: 0
>>> Date: Mon, 01 Feb 2016 13:52:32 GMT
>>> 
>>> curl -I http://b.example.com <http://b.example.com/>
>>> HTTP/1.1 302 Found
>>> Server: Apache-Coyote/1.1
>>> Cache-Control: private
>>> Expires: Thu, 01 Jan 1970 01:00:00 CET
>>> Location: https://b.example.com <https://b.example.com/>
>>> Content-Length: 0
>>> Date: Mon, 01 Feb 2016 13:52:54 GMT
>>> 
>>> The redirect sets Location to https. I know this can't work because I
>>> have no
>>> certificate for srv.grasmueck.de <http://srv.grasmueck.de/> nor do I
>>> need https.
>>> 
>>> And I see the web application `b` instead of `a` despite the error.
>>> 
>>> Do I need a Apache HTTPD fronted?
>> 
>> No.  The name of your virtual host (or one of its aliases) must match
>> the host header. If they don't match the default host will be used.
>> 
>> Given that you've already told us one of the real host names, you might
>> as well show us the real configuration and the real request if you need
>> help spotting the configuration error.
>> 
>> Mark
>> 
> Since the information provided shows that both URLs are responding with a 302 
> redirect to the HTTPS connector with the same hostname as provided, I'd say 
> that his server.xml configuration is working correctly.
> Obviously, there is something in both webapps that is forcing the redirect.
> Might I suggest the OP take a look at the web.xml file for the A host to see 
> if he can see that it is indeed requesting the redirect?  (hint: 
>  section.)
> Jeff

Hi Jeff,

the web application with the certificate does have a security constraint in the 
web.xml.



/index.xhtml


CONFIDENTIAL



> 
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org 
> <mailto:users-unsubscr...@tomcat.apache.org>
> For additional commands, e-mail: users-h...@tomcat.apache.org 
> <mailto:users-h...@tomcat.apache.org>

RE: Virtual Hosting, HTTP 302 to HTTPS?

2016-02-01 Thread Jeffrey Janner 
> -Original Message-
> From: Mark Thomas [mailto:ma...@apache.org]
> Sent: Monday, February 01, 2016 9:21 AM
> To: Tomcat Users List 
> Subject: Re: Virtual Hosting, HTTP 302 to HTTPS?
> 
> On 1 February 2016 14:07:57 GMT+00:00, "Björn Raupach" 
> wrote:
> >Dear group,
> >
> >I have two web applications (a,b) that are both reachable via
> >subdomains:
> >
> >a.example.com <http://a.example.com/>
> >b.example.com <http://b.example.com/>
> >
> >For b.example.com <http://b.example.com/> exists a SSL certificate.
> >a.example.com <http://a.example.com/> does not need SSL.
> >The HTTPS connector uses a a Java keystore with the certificate.
> >
> >I configured Apache Tomcat 8.0.20 with Virtual Hosting.
> >
> >CATALINA_HOME/webapps_a
> >CATALINA_HOME/webapps_b
> >
> >The server.xml has been adjusted.
> >
> >
> >
> >
> >   ...
> > 
> >
> >
> >   ...
> > 
> >
> >
> >
> >Both web apps are deployed using ROOT.war. They get unpacked and there
> >are no errors in the log files.
> >
> >Here is my problem. b works fine, but I can't reach a.
> >
> >curl -I http://a.example.com <http://a.example.com/>
> >HTTP/1.1 302 Found
> >Server: Apache-Coyote/1.1
> >Cache-Control: private
> >Expires: Thu, 01 Jan 1970 01:00:00 CET
> >Location: https://a.example.com <https://a.example.com/>
> >Content-Length: 0
> >Date: Mon, 01 Feb 2016 13:52:32 GMT
> >
> >curl -I http://b.example.com <http://b.example.com/>
> >HTTP/1.1 302 Found
> >Server: Apache-Coyote/1.1
> >Cache-Control: private
> >Expires: Thu, 01 Jan 1970 01:00:00 CET
> >Location: https://b.example.com <https://b.example.com/>
> >Content-Length: 0
> >Date: Mon, 01 Feb 2016 13:52:54 GMT
> >
> >The redirect sets Location to https. I know this can't work because I
> >have no
> >certificate for srv.grasmueck.de <http://srv.grasmueck.de/> nor do I
> >need https.
> >
> >And I see the web application `b` instead of `a` despite the error.
> >
> >Do I need a Apache HTTPD fronted?
> 
> No.  The name of your virtual host (or one of its aliases) must match
> the host header. If they don't match the default host will be used.
> 
> Given that you've already told us one of the real host names, you might
> as well show us the real configuration and the real request if you need
> help spotting the configuration error.
> 
> Mark
> 
Since the information provided shows that both URLs are responding with a 302 
redirect to the HTTPS connector with the same hostname as provided, I'd say 
that his server.xml configuration is working correctly.
Obviously, there is something in both webapps that is forcing the redirect.
Might I suggest the OP take a look at the web.xml file for the A host to see if 
he can see that it is indeed requesting the redirect?  (hint: 
 section.)
Jeff

Re: Virtual Hosting, HTTP 302 to HTTPS?

2016-02-01 Thread Björn Raupach 

> On 01 Feb 2016, at 16:20, Mark Thomas  wrote:
> 
> On 1 February 2016 14:07:57 GMT+00:00, "Björn Raupach"  wrote:
>> Dear group,
>> 
>> I have two web applications (a,b) that are both reachable via
>> subdomains:
>> 
>> a.example.com 
>> b.example.com 
>> 
>> For b.example.com  exists a SSL certificate. 
>> a.example.com  does not need SSL.
>> The HTTPS connector uses a a Java keystore with the certificate. 
>> 
>> I configured Apache Tomcat 8.0.20 with Virtual Hosting.
>> 
>> CATALINA_HOME/webapps_a
>> CATALINA_HOME/webapps_b
>> 
>> The server.xml has been adjusted.
>> 
>> 
>> 
>> 
>>  ...
>> 
>> 
>> 
>>  ...
>> 
>> 
>> 
>> 
>> Both web apps are deployed using ROOT.war. They get unpacked and there
>> are no errors in the log files.
>> 
>> Here is my problem. b works fine, but I can't reach a.
>> 
>> curl -I http://a.example.com 
>> HTTP/1.1 302 Found
>> Server: Apache-Coyote/1.1
>> Cache-Control: private 
>> Expires: Thu, 01 Jan 1970 01:00:00 CET
>> Location: https://a.example.com 
>> Content-Length: 0
>> Date: Mon, 01 Feb 2016 13:52:32 GMT
>> 
>> curl -I http://b.example.com 
>> HTTP/1.1 302 Found
>> Server: Apache-Coyote/1.1
>> Cache-Control: private 
>> Expires: Thu, 01 Jan 1970 01:00:00 CET
>> Location: https://b.example.com 
>> Content-Length: 0
>> Date: Mon, 01 Feb 2016 13:52:54 GMT  
>> 
>> The redirect sets Location to https. I know this can't work because I
>> have no
>> certificate for srv.grasmueck.de  nor do I
>> need https.
>> 
>> And I see the web application `b` instead of `a` despite the error.
>> 
>> Do I need a Apache HTTPD fronted? 
> 
> No.  The name of your virtual host (or one of its aliases) must match the 
> host header. If they don't match the default host will be used.
> 
> Given that you've already told us one of the real host names, you might as 
> well show us the real configuration and the real request if you need help 
> spotting the configuration error.

And here I am trying to be smart. ;)

srv.grasmueck.de 
isiee.grasmueck.de 

Here is my server.xml:


  
  
  
  
  
  
  
  

  
  





  

  
  




















  
  

  
  


  

  







  

  



  

  



> 
> Mark



> 
> 
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>

Re: Virtual Hosting, HTTP 302 to HTTPS?

2016-02-01 Thread Mark Thomas 
On 1 February 2016 14:07:57 GMT+00:00, "Björn Raupach"  wrote:
>Dear group,
>
>I have two web applications (a,b) that are both reachable via
>subdomains:
>
>a.example.com 
>b.example.com 
>
>For b.example.com  exists a SSL certificate. 
>a.example.com  does not need SSL.
>The HTTPS connector uses a a Java keystore with the certificate. 
>
>I configured Apache Tomcat 8.0.20 with Virtual Hosting.
>
>CATALINA_HOME/webapps_a
>CATALINA_HOME/webapps_b
>
>The server.xml has been adjusted.
>
>
>
>
>   ...
> 
>
>
>   ...
> 
>
>
>
>Both web apps are deployed using ROOT.war. They get unpacked and there
>are no errors in the log files.
>
>Here is my problem. b works fine, but I can't reach a.
>
>curl -I http://a.example.com 
>HTTP/1.1 302 Found
>Server: Apache-Coyote/1.1
>Cache-Control: private 
>Expires: Thu, 01 Jan 1970 01:00:00 CET
>Location: https://a.example.com 
>Content-Length: 0
>Date: Mon, 01 Feb 2016 13:52:32 GMT
>
>curl -I http://b.example.com 
>HTTP/1.1 302 Found
>Server: Apache-Coyote/1.1
>Cache-Control: private 
>Expires: Thu, 01 Jan 1970 01:00:00 CET
>Location: https://b.example.com 
>Content-Length: 0
>Date: Mon, 01 Feb 2016 13:52:54 GMT  
>
>The redirect sets Location to https. I know this can't work because I
>have no
>certificate for srv.grasmueck.de  nor do I
>need https.
>
>And I see the web application `b` instead of `a` despite the error.
>
>Do I need a Apache HTTPD fronted? 

No.  The name of your virtual host (or one of its aliases) must match the host 
header. If they don't match the default host will be used.

Given that you've already told us one of the real host names, you might as well 
show us the real configuration and the real request if you need help spotting 
the configuration error.

Mark



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Virtual Hosting, HTTP 302 to HTTPS?

2016-02-01 Thread Björn Raupach 
Dear group,

I have two web applications (a,b) that are both reachable via subdomains:

a.example.com 
b.example.com 

For b.example.com  exists a SSL certificate. 
a.example.com  does not need SSL.
The HTTPS connector uses a a Java keystore with the certificate. 

I configured Apache Tomcat 8.0.20 with Virtual Hosting.

CATALINA_HOME/webapps_a
CATALINA_HOME/webapps_b

The server.xml has been adjusted.



 
   ...
 

 
   ...
 



Both web apps are deployed using ROOT.war. They get unpacked and there are no 
errors in the log files.

Here is my problem. b works fine, but I can't reach a.

curl -I http://a.example.com 
HTTP/1.1 302 Found
Server: Apache-Coyote/1.1
Cache-Control: private 
Expires: Thu, 01 Jan 1970 01:00:00 CET
Location: https://a.example.com 
Content-Length: 0
Date: Mon, 01 Feb 2016 13:52:32 GMT

curl -I http://b.example.com 
HTTP/1.1 302 Found
Server: Apache-Coyote/1.1
Cache-Control: private 
Expires: Thu, 01 Jan 1970 01:00:00 CET
Location: https://b.example.com 
Content-Length: 0
Date: Mon, 01 Feb 2016 13:52:54 GMT  

The redirect sets Location to https. I know this can't work because I have no
certificate for srv.grasmueck.de  nor do I need https.

And I see the web application `b` instead of `a` despite the error.

Do I need a Apache HTTPD fronted? 


Thanks for the support! I appreciate it.

Björn