I've been following this thread for a bit and can offer some of my painfully gained insights. I have Apache, tomcat 5.0.28, mod_jk and SSL.
This is not a real fix, just my workarounds.

It drove me nuts forever until I figured out that Apache webserver does not successful apply rewrite rules to the JkMount directive.

In my httpd.conf:

#tomcat worker
JkWorkersFile "conf/workers.properties"
JkLogFile "logs/jk.log"
JkLogLevel info
JkMount /*.jsp jkworker

Under my virtual host port 80 I tested a few rewrite rules(the first was to the 'admin' directory, the second was for all requests):

RewriteRule ^/admin/(.*)$ https://server.name.com/$1 [R]

RewriteRule ^.*$ https://server.name.com%{REQUEST_URI} [R]

The rewrite would work for non JkMount items, but the behavior seemed to show apache just handing off the transaction to tomcat via the mount BEFORE applying the rewrite. (please check this for yourself, if you use a rewrite rule to a non JkMount directory Apache should redirect it successfully)

Tomcat would not bounce it to port 443 because the rewrite rule was not in the tomcat layer.

Our java programer ended up writing a custom jsp that redirected the transaction to a SSL port.
I then made the redirect directory forbidden under non-SSL.

I suspect there maybe a more graceful way to do this please let me know if you find it.


Reply via email to