Hi, I'm trying to secure my webapp via SSL. I'm running Tomcat Version 4.0 behind Apache 1.3.12. Apache and Tomcat communicate via mod_proxy as shown in
http://jakarta.apache.org/tomcat/tomcat-4.0-doc/proxy-howto.html Apache has been compiled with mod_ssl, and SSL communications with apache appear to work correctly. Additionally, my webapp is secured via several <security-constraint> blocks. In each constraint I have the following: <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> I also put the correct redirect port in the http connector section of server.xml, e.g. redirectPort="443" So my webapp works fine, until I add the <user-data-constraint>. With that constraint, I get: Apache Tomcat/4.0.1 - HTTP Status 500 - description The server encountered an internal error (/ttapp/reserve/manager) that prevented it from fulfilling this request. Strangely enough, there are no errors or exceptions reported in any of the log files??? After searching through the archives, it sounds like this sort of configuration (apache with ssl sitting in front of tomcat) has only been done with the warp connector. Is my only recourse to use mod_webapp? Or should I be able to get this to work with mod_proxy? Any insight would be greatly appreciated. Many thanks, Rich -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
