Thank You! You got me on the right track and I've been able to get something working. I don't feel very confident in my http.conf or ssl.conf being completely how it should be.
I think my main problem was that I was including in http.conf the mod_jk.conf that is automatically generated by tomcat. And I believe that the file needs to be included not inside a <VirtualHost> tag. So that would make it global? Now I just manually moved the relevant listings in mod_jk.conf to http.conf and ssl.conf. Is that how you have your setup? The other thing that is odd, is that if I set my browser pointed at the webapps directory (or anywhere inside of it), the browser gets redirected to the secure connection (https). This is EXACTLY how I want it to behave, but I don't know what makes that happen. Thanks again, Oscar On 2 Feb 2003, Ed Robbins wrote: > You should be able to do this without much trouble. The thing to > remember is that Apache treats non-ssl and ssl connections as two > different entities. You have a VirtualHost configuration for the > non-ssl stuff on port 80 and a VirtualHost configuration for SSL > communication. You can mount or not mount in either of these areas. > The tricky part is to keep the document root of each one seperate, that > may be where your running into trouble. In my ssl setup I make my > document root, for a given virtual host, a completely different location > then its non-ssl counterpart. Thus for a given host www.testhost.com I > may have the following doc roots: > > Non-SSL > > /var/httpd/nonsecure/htdocs/testhost > > SSL > > /var/httpd/secure/htdocs/testhost > > This way I have a clear delineation of where my secure content is served > from vs. my non secure content. > > > Ed > > On Sat, 2003-02-01 at 13:30, Oscar Carrillo wrote: > > I am having a difficult time with what would appear to be a common issue. > > > > I have Tomcat 4.1.18 with mod_jk connecting with Apache/SSL. > > It works great, but I am having difficulty figuring out how to separate > > SSL and non-SSL communcations. > > > > Ideally, it would seem that the proper way for this to function would be > > to have <VirtualHost> in Apache and they mount the repective webapps > > directory (or none at all for inaccessibility) using the mod_jk connector > > configuration. > > > > But mounting seems to be global as far as I can tell. So that > > http://myhost.mydomain/myTomcatDirectory/ goes the same place that > > https://myhost.mydomain/myTomcatDirectory/ > > > > If this is not possible or very involved, maybe it would somehow be easier > > to disable just that directory in Apache for port 80. I could not get that > > to work either as it seemed to pass the request to the mod_jk connector. I > > may have done something wrong there, but I tried to follow the > > documentation with Directory directives. > > > > If that had worked I could not use that same directory name for content on > > the Apache side but that's not that big of a deal. > > > > The other option I thought of was to do URL Rewriting in Apache so that > > all "http://myhost.mydomain/myTomcatDirectory"; would get replaced with > > "https://myhost.mydomain/myTomcatDirectory";. That seemed like a decent > > option to, but the configuration for the mod_rewrite was a bear to try and > > figure out. If someone knows how do something simple like I describe > > please post. > > > > The other option I could think of is to not have apache listen on port 80, > > and then run another instance of apache with it's own config files that > > would just listen to port 80. Seems a little awkward but I also had > > difficulty getting a second copy of apache running. > > > > A little enlightenment is greatly appreciated. > > > > Thank you, > > Oscar Carrillo > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
