Is it possible that sessions aren't persistent when switching between connectors. The proxyPort attribute on the connector did fix my problem, but I've discovered that logging in over an https connection only works if I click the remember-me checkbox, which sets a cookie on the client and stores some state in a db which can associate the cookie with the identity of the user. If I don't use remember me, the authentication occurs when connected via the secure connector and the user's identity is stored in the session, but when the system switches back to the other connector, it fails to find the authorization info in the session, so it redirects right back to the login page via https. I suspect the session cookie is being set as https-only, so it doesn't get passed back when accessing via http. Is there any way to correct this behaviour? I'll confirm momentarily.
On Tue, Oct 13, 2009 at 1:00 AM, Sam Gendler <sgend...@vid.me> wrote: > That looks like it will work, but it doesn't explain why the connector > would think port 80 was appropriate. I could see port 8090 showing up, but > given that the scheme is https and there was no port number in the request, > surely it should have resolved that to port 443 instead of port 80? It just > seems like a bug to me. It does look like proxyPort can be used to force it > to 443, though, so that will work. > > > On Tue, Oct 13, 2009 at 12:19 AM, Peter Crowther < > peter.crowt...@melandra.com> wrote: > >> 2009/10/13 Sam Gendler <sgend...@vid.me>: >> > That method uses >> > request.getScheme(), to retrieve "https" (correct) and >> > request.getServerName() to get the correct host name. It then calls >> > request.getServerPort(), which incorrectly returns the value of 80. >> [...] >> > What do I need to do to get the request to correctly return 443 as the >> port >> > when a request arrives on the connector without any port in the url or >> Host >> > header? >> >> The keyword to look for is "Proxying" - your SSL front-end is proxying >> the SSL connector for you. >> >> http://tomcat.apache.org/tomcat-6.0-doc/config/http.html shows >> connector attributes of "proxyHost" and "proxyPort", which I think >> will do exactly what you want. >> >> Hope this helps! >> >> - Peter >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> >> >
