Re: Webapps exposed on distinct ports

[David Jencks]

On Oct 12, 2006, at 9:33 AM, Mark Bradley wrote:
Greetings all,

I am trying to figure out how to solve this exact same problem as  
described by Rick (below) where I need to deploy different apps to  
different tomcat connectors on different ports (already available).

David says this capability became available in 1.1.   Does anyone  
know how to do this?

the wiki page has an example and discussion, can you be specific  
about what more you need?

thanks
david jencks


Thanks,

-Mark

------

On Jun 13, 2006, at 9:34 AM, Rick Sears wrote:


    Hello everyone,

    I've been trolling the web the past couple days looking for
    examples/information on how to accomplish something that is  
currently
    being done in an application we are looking at porting to run  
under
    Geronimo.  We would like to be able to expose one webapp on a  
non-ssl
    port, say 12345, while having another webapp also running in  
Geronimo
    running on a different ssl-enabled port, say 54321.  The webapp
    running on the ssl-enabled port should not be accessible from  
the non
    ssl-enabled port.

    I've looked at a bunch of the Geronimo documentation, but all the
    things i've tried have come up short using Geronimo 1.0.  There  
seems
    to be an example of doing something similar using Geronimo 1.1

    (http://opensource.atlassian.com/confluence/oss/display/ 
GERONIMO/ Exposing+Web+Applications+on+distinct+ports),

    but I am just wondering if i'm missing something that is also
    available on Geronimo 1.0.  The references to the <web-app> tag  
under
    the <module> tag are problematic in Geronimo 1.0, but I can't  
see any
    other way of tying a given deployed webapp to a particular Tomcat
    container (that is exposed on one set of ports but not the other).

    If anyone has any examples/information on how to tie a deployed  
Tomcat
    webapp to a particular container with a distinct set of exposed  
ports,
    please let me know.

This capability is new in 1.1. In 1.0, you might possibly be able  
to get something to work by using virtual hosts, but I'm not enough  
of an expert on that to give you good advice. In particular I don't  
know how reliable it would be.

One other thing you might be able to use to prevent access from the  
non-ssl port is use j2ee web security to require the CONFIDENTIAL  
transport guarantee for the secured app. This probably wouldn't  
hide the existence of the secured app but would prevent access: I  
think you'd get a "forbidden" error rather than a "not found"

thanks
david jencks