I have tc4.1.12, Apache 2.0.43 mod_ssl and mod_jk set up and working
successfully on my Mac (OS X 10.1.5), but tweaking the Apache config to
get it to work was... involved, let's say :-)
Users enter the site (using http: protocol) at /drs/home. This contains
a button labelled "Login" that takes them to /drs/private/home. Because
/drs/private/* is under a security contraint, it triggers a redirect to
/drs/login which POSTs to j_security_check, etc.
Previously, using tomcat-standalone, the
<transport-guarantee>CONFIDENTIAL</transport-guarantee> triggered the
switch to https: - however, this no longer works when Apache/mod_jk are
in the loop.
Because /drs/private/* isn't accessible via http: I was getting an
Apache-generated 404 error when the login button on the home page was
clicked: the solution I found was to place a
Redirect /drs/private/home https://<host>/drs/private/home
in httpd.conf
Of course, this gives an extra redirect, and seems inelegant...does
anyone have a better solution? [And no, I don't think mod_rewrite is a
better solution!]
Martin.
PS I don't want to hard-code the full URL in the button on-click
handler, as I don't want to have Yet Another Thing To Change when I move
to the production server.
--
To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>
