Doug,
Thanks for reply. I am not clear with this line
>Add this to the web.xml of the app on the https side.
Do you mean to add those lines in the web.xml of "IBS" context(which
contain HTTPS files)? or the web.xml file present in the "conf" directory?
>Add the following elements to your context as well:
>crossContext="false"
>override="true"
>privileged="false'
Should I add them to the IBS context or IBS1 context?
I will definitely post all of my configuration files to the mail-list. So
that it could be of some help to other developers.
Thank you,
Best Regards,
Uma
"Parsons
Technical
Services" To
<parsonstechnical
@earthlink.net> "Tomcat Users List"
<[EMAIL PROTECTED]>
03/31/2004 06:24 cc
PM
Please respond to
"Tomcat Users
List" Subject
<[EMAIL PROTECTED] Re: Configuring Tomcat on different
rta.apache.org> IP's
Uma,
Do a ping localhost from the command line. It will only resolve to one
name.
So don't get concerned that it doesn't work. As long as the IPs work you
are
fine.
Now for the access issue. Did you set up a security constraint in your
web.xml file?
Add this to the web.xml of the app on the https side.
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Context</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<!-- auth-constraint goes here if you require authentication -->
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
This is from the link I sent you earlier:
http://marc.theaimsgroup.com/?l=tomcat-user&m=104951559722619&w=2
This will prevent access to the webapp through http and force the client to
https.
If I understand your problem, it is that the client can get to the webapp
from the http IP.
Add the following elements to your context as well:
crossContext="false"
override="true"
privileged="false'
As for the connector, I think Bill correct, so yes you can remove it.
Let us know how it goes.
Doug
PS When you get it working, add the word SOLVED to the end of your subject
line and post all your config files. Just one way to give back to the list.
Thanks
----- Original Message -----
From: <[EMAIL PROTECTED]>
To: "Tomcat Users List" <[EMAIL PROTECTED]>
Sent: Tuesday, March 30, 2004 10:52 PM
Subject: Re: Configuring Tomcat on different IP's
>
>
>
>
> Doug,
> I am finally getting something to work after doing lot of experiments.
Now
> the issue is
> 1)It does not work with http://localhost, seems to be a problem with my
> DNS.
> 2)It works with http://172.27.2.44
>
> This address (172.27.2.44) is defined in the first service and the <host>
> tag has a context as
> <Context path="" docBase="/IBS1" debug="0">
> </Context>
> Look its IBS1. This context has an index.jsp file which just fwd the
> request to https://172.27.2.246/IBS/Login.jsp
>
> This address (172.27.2.246) is defined in the second service and the
> <host> tag has a context as
> <Context path="" docBase="/IBS" debug="0">
> </Context>
> Look its IBS now. This context has all the files that needs to run under
> https.
>
> 3)Now when the user logs in using https://172.27.2.246/IBS/Login.jsp he
> goes to https://172.27.2.246/IBS/d1.jsp
>
> 4)When the user changes the port to HTTP (in the address bar of the
> browser) and doesnt change the IP address as http://172.27.2.246
> /IBS/d1.jsp, then the user gets "cannot find server". This is perfect.
>
> 5)When the user changes the port to HTTP and change the IP address (in
the
> address bar of the browser) as http://172.27.2.44/IBS/d1.jsp, as I am
> internally checking for the session, the programme finds the session is
> invalid and sends him to (HTTP Login page) http://172.27.2.44
> /IBS/Login.jsp. Now the user still can access my IBS context files using
> http protocol and 80 port.
>
> Now see this IP configuration (172.27.2.44) on port 80 has got a context
> reference of IBS1 and it still supports IBS context that is on port 443.
>
> It seems to me that Tomcat 5 is still internally checking for the
contexts
> somewhere else other than the server.xml file. If we can disable that
then
> it should work fine.
>
> Can I know from where the Tomcat is reading the default <context>? So
that
> I can disable them? or if there is any better solution to this please
help
> me out.
>
> Thank you,
> Best Regards,
> Uma
>
>
>
>
>
> "Parsons
> Technical
> Services"
To
> <parsonstechnical
> @earthlink.net> "Tomcat Users List"
> <[EMAIL PROTECTED]>
> 03/30/2004 06:58
cc
> PM
>
>
> Please respond to
> "Tomcat Users
> List"
Subject
> <[EMAIL PROTECTED] Re: Configuring Tomcat on
different
> rta.apache.org> IP's
>
>
>
>
>
>
>
>
>
>
> Uma,
>
> This has moved beyond my experiance. Other than experimenting or diving
> into
> the source what I suggest now is to reply to this post and edit the
subject
> line to read:
>
> Two service on one Tomcat instance.[Was Re: Configuring Tomcat on
different
> IP's]
>
> In the hope that someone with more information will respond.
>
> You may try google with a search based on tomcat and two or multiple
> service.
>
> Sorry I ran out of ideas.
>
> Doug
>
>
> ----- Original Message -----
> From: <[EMAIL PROTECTED]>
> To: "Tomcat Users List" <[EMAIL PROTECTED]>
> Sent: Monday, March 29, 2004 11:50 PM
> Subject: Re: Configuring Tomcat on different IP's
>
>
> >
> >
> >
> >
> > Doug,
> > I fogot to tell you that the first context has only one .jsp file. Here
> is
> > the content of that "index.jsp" file
> >
> > <%
> > response.sendRedirect("https://172.27.2.246/IBS/Login.jsp";);
> > %>
> >
> > Thanks
> > Uma
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
