In tomcat atleast I can specify the connector as follows (in
server.xml):
<Connector port="8002" proxyName="my.serv.com" proxyPort="443"
maxSpareThreads="75" maxThreads="300"
minSpareThreads="35"
enableLookups="false" secure="true"
protocol="AJP/1.3" />This is for an AJP/1.3 connector but I think you get the picture. This way you can get everything entering this connector to believe that it is a secure connection running on port 443, although it is not secure and running on port 8002. This way the links generated will be correct, and we doesn't need a rewriting scheme. Hope I understood your problem correctly. Dunno if resin can do the same though... HTH Olve tir, 03,.01.2006 kl. 13.37 -0500, skrev Glen: > I think this covers a different issue... Though one I come across often > enough and will use :-) > > The issue I am having is the user requests > > https://myserver.com:8443/app > > Which goes through the SSL proxy and gets routed to the web servers port > 8080. If I look at the request in the webserver it sees the request url > as http://myserver.com:8443/app (not http not https but the ports are > correct). This could be a bug in my web server (resin). > > I believe this leads to the issue I am trying to rememdy which is... > > This page has lots of links to http://myserver.com:8443/app?foo=bar all > with different query parms ala tapestry style. So it is not missed the > Tapestry generated page gives links with HTTP not HTTPS. > > FWIW I have also noticed that in NON-tapestry pages when I do a relative > redirect. The redirect goes to the browser with http. I have resolved > this issue already on the non-tapestry parts and am looking for a way to > make it work in tapestry... > > > > > > Patrick Casey wrote: > > Can't you use your web server's redirect function to take care of > > this? On tomcat, for example, you specify: > > > > <security-constraint> > > <web-resource-collection> > > <web-resource-name>Corinna</web-resource-name> > > <url-pattern>/foo/bar/*</url-pattern> > > </web-resource-collection> > > <user-data-constraint> > > <transport-guarantee>CONFIDENTIAL</transport-guarantee> > > </user-data-constraint> > > </security-constraint> > > > > And then any url that starts with /foo/bar automatically goes to > > https. > > > > In my experience that's a lot cleaner (not to mention a lot easier) > > than having your application try to sort out what should, and should not, go > > out over https. > > > > The only issue with Tapestry is that it's sometimes awkward to use > > pattern matching with tapestry urls because they look so funky, but since > > you're using external links that shouldn't be a problem. > > > > --- Pat > > > > > >>-----Original Message----- > >>From: Glen [mailto:[EMAIL PROTECTED] > >>Sent: Tuesday, January 03, 2006 10:16 AM > >>To: [email protected] > >>Subject: changing an external link to use https > >> > >>For reasons out of my control I have a webapp that runs on port 8081 and > >>has an SSL proxy/accelerator in front of it on port 443. > >> > >>What I am seeing is that when the request comes in from the proxy if the > >>url in the browser is https://myserver.com:443... The url for my > >>external link and redirects is http://myserver.com:443... > >> > >>Is there anyway to fix this? I have heard mentione before a url > >>listener/rewriter. Would this work? Would it work for external link, > >>direct link, and redirects? > >> > >>
signature.asc
Description: Dette er en digitalt signert meldingsdel
