Chris, Thanks a lot for your reply. I read both and what I still don't get is: How do I specify a connector to a host?
it seems connectors cannot be nested inside an engine nor in a host and connectors can contain neither Otherwise I would create two engines one with ssl and the other without and specify the hosts herein or with each host, specify which connectors it can use or specify the applicable hosts inside a connector Those three aren't possibe (according to the docs) I would like https://localhost/ and http://localhost/ to refer to the same appbase and have http://*.autumn.nl/ to refer to one appbase and https://secure.autumn.nl/ to another appbase basically having three appbases, secure.autumn.nl, localhost and *.autumn.nlwhich then contain contexts as usual How would I go about this then? Thanks in advance, Serge Fonville On Fri, Oct 10, 2008 at 4:28 PM, Christopher Schultz < [EMAIL PROTECTED]> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Serge, > > Serge Fonville wrote: > > I have Tomcat 6.0.18 with the native dll installed > > I have two hosts presently (more to come) > > localhost and autumn.nl > > What I want now is > > > > *.autumn.nl accessble only via http > > You need a <Host name="autumn.nl"> with an HTTP <Connector> only. Also, > you need to set this <Host> as the "defaultHost" for your <Engine>. > > > secure.autumn.nl accessible only via https > > You need a <Host name="secure.autumn.nl"> with an HTTPS <Connector> only. > > > localhost accessible via both > > Another <Host name="localhost"> with both kinds of connectors. > > See > http://tomcat.apache.org/tomcat-6.0-doc/config/host.html > and > http://tomcat.apache.org/tomcat-6.0-doc/config/engine.html > > Note that for each <Host> you have, you will need separate deployment > directories and each application will be deployed separately for each > host. So, if you have 2 applications to deploy over these 3 domains, > you'll get 6 running applications. > > There /are/ other ways of achieving your goal. Here are some ideas that > will allow you to have only a single instance of each of your > applications running: > > 1. Run Apache httpd out front to handle SSL and your security desires. I > suspect you already know how to configure this. > > 2. Use filters in your application (or valves directly in Tomcat) to > inspect requests and reject those that match certain criteria (such as > SSL access to "(^secure).autumn.nl". You can use a tool like > http://tuckey.org/urlrewrite/ to do this quite easily. > > I'm sure there are other ways. > > - -chris > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iEYEARECAAYFAkjvZo4ACgkQ9CaO5/Lv0PBNpQCfaQscn9zwpv+lgUW+AdDNhuF8 > VmgAn2KfcNZaz7iu7sMk2xvScMEWhQ/m > =XiAQ > -----END PGP SIGNATURE----- > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
