You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Björn Raupach <ra...@me.com> on 2016/02/01 15:07:57 UTC
Virtual Hosting, HTTP 302 to HTTPS?
Dear group,
I have two web applications (a,b) that are both reachable via subdomains:
a.example.com <http://a.example.com/>
b.example.com <http://b.example.com/>
For b.example.com <http://b.example.com/> exists a SSL certificate.
a.example.com <http://a.example.com/> does not need SSL.
The HTTPS connector uses a a Java keystore with the certificate.
I configured Apache Tomcat 8.0.20 with Virtual Hosting.
CATALINA_HOME/webapps_a
CATALINA_HOME/webapps_b
The server.xml has been adjusted.
<Engine name="Catalina" defaultHost="b">
<Host name="a" appBase="webapps_a" unpackWARs="true" autoDeploy="true">
...
</Host>
<Host name="b" appBase="webapps_b" unpackWARs="true" autoDeploy="true">
...
</Host>
</Engine>
Both web apps are deployed using ROOT.war. They get unpacked and there are no errors in the log files.
Here is my problem. b works fine, but I can't reach a.
curl -I http://a.example.com <http://a.example.com/>
HTTP/1.1 302 Found
Server: Apache-Coyote/1.1
Cache-Control: private
Expires: Thu, 01 Jan 1970 01:00:00 CET
Location: https://a.example.com <https://a.example.com/>
Content-Length: 0
Date: Mon, 01 Feb 2016 13:52:32 GMT
curl -I http://b.example.com <http://b.example.com/>
HTTP/1.1 302 Found
Server: Apache-Coyote/1.1
Cache-Control: private
Expires: Thu, 01 Jan 1970 01:00:00 CET
Location: https://b.example.com <https://b.example.com/>
Content-Length: 0
Date: Mon, 01 Feb 2016 13:52:54 GMT
The redirect sets Location to https. I know this can't work because I have no
certificate for srv.grasmueck.de <http://srv.grasmueck.de/> nor do I need https.
And I see the web application `b` instead of `a` despite the error.
Do I need a Apache HTTPD fronted?
Thanks for the support! I appreciate it.
Björn
Re: Virtual Hosting, HTTP 302 to HTTPS?
Posted by Björn Raupach <ra...@me.com>.
> On 01 Feb 2016, at 16:29, Jeffrey Janner <Je...@PolyDyne.com> wrote:
>
>> -----Original Message-----
>> From: Mark Thomas [mailto:markt@apache.org]
>> Sent: Monday, February 01, 2016 9:21 AM
>> To: Tomcat Users List <us...@tomcat.apache.org>
>> Subject: Re: Virtual Hosting, HTTP 302 to HTTPS?
>>
>> On 1 February 2016 14:07:57 GMT+00:00, "Björn Raupach" <ra...@me.com>
>> wrote:
>>> Dear group,
>>>
>>> I have two web applications (a,b) that are both reachable via
>>> subdomains:
>>>
>>> a.example.com <http://a.example.com/>
>>> b.example.com <http://b.example.com/>
>>>
>>> For b.example.com <http://b.example.com/> exists a SSL certificate.
>>> a.example.com <http://a.example.com/> does not need SSL.
>>> The HTTPS connector uses a a Java keystore with the certificate.
>>>
>>> I configured Apache Tomcat 8.0.20 with Virtual Hosting.
>>>
>>> CATALINA_HOME/webapps_a
>>> CATALINA_HOME/webapps_b
>>>
>>> The server.xml has been adjusted.
>>>
>>> <Engine name="Catalina" defaultHost="b">
>>>
>>> <Host name="a" appBase="webapps_a" unpackWARs="true" autoDeploy="true">
>>> ...
>>> </Host>
>>>
>>> <Host name="b" appBase="webapps_b" unpackWARs="true" autoDeploy="true">
>>> ...
>>> </Host>
>>>
>>> </Engine>
>>>
>>> Both web apps are deployed using ROOT.war. They get unpacked and there
>>> are no errors in the log files.
>>>
>>> Here is my problem. b works fine, but I can't reach a.
>>>
>>> curl -I http://a.example.com <http://a.example.com/>
>>> HTTP/1.1 302 Found
>>> Server: Apache-Coyote/1.1
>>> Cache-Control: private
>>> Expires: Thu, 01 Jan 1970 01:00:00 CET
>>> Location: https://a.example.com <https://a.example.com/>
>>> Content-Length: 0
>>> Date: Mon, 01 Feb 2016 13:52:32 GMT
>>>
>>> curl -I http://b.example.com <http://b.example.com/>
>>> HTTP/1.1 302 Found
>>> Server: Apache-Coyote/1.1
>>> Cache-Control: private
>>> Expires: Thu, 01 Jan 1970 01:00:00 CET
>>> Location: https://b.example.com <https://b.example.com/>
>>> Content-Length: 0
>>> Date: Mon, 01 Feb 2016 13:52:54 GMT
>>>
>>> The redirect sets Location to https. I know this can't work because I
>>> have no
>>> certificate for srv.grasmueck.de <http://srv.grasmueck.de/> nor do I
>>> need https.
>>>
>>> And I see the web application `b` instead of `a` despite the error.
>>>
>>> Do I need a Apache HTTPD fronted?
>>
>> No. The name of your virtual host (or one of its aliases) must match
>> the host header. If they don't match the default host will be used.
>>
>> Given that you've already told us one of the real host names, you might
>> as well show us the real configuration and the real request if you need
>> help spotting the configuration error.
>>
>> Mark
>>
> Since the information provided shows that both URLs are responding with a 302 redirect to the HTTPS connector with the same hostname as provided, I'd say that his server.xml configuration is working correctly.
> Obviously, there is something in both webapps that is forcing the redirect.
> Might I suggest the OP take a look at the web.xml file for the A host to see if he can see that it is indeed requesting the redirect? (hint: <security-constraint> section.)
> Jeff
Hi Jeff,
the web application with the certificate does have a security constraint in the web.xml.
<security-constraint>
<web-resource-collection>
<url-pattern>/index.xhtml</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org <ma...@tomcat.apache.org>
> For additional commands, e-mail: users-help@tomcat.apache.org <ma...@tomcat.apache.org>
RE: Virtual Hosting, HTTP 302 to HTTPS?
Posted by Jeffrey Janner <Je...@PolyDyne.com>.
> -----Original Message-----
> From: Mark Thomas [mailto:markt@apache.org]
> Sent: Monday, February 01, 2016 9:21 AM
> To: Tomcat Users List <us...@tomcat.apache.org>
> Subject: Re: Virtual Hosting, HTTP 302 to HTTPS?
>
> On 1 February 2016 14:07:57 GMT+00:00, "Björn Raupach" <ra...@me.com>
> wrote:
> >Dear group,
> >
> >I have two web applications (a,b) that are both reachable via
> >subdomains:
> >
> >a.example.com <http://a.example.com/>
> >b.example.com <http://b.example.com/>
> >
> >For b.example.com <http://b.example.com/> exists a SSL certificate.
> >a.example.com <http://a.example.com/> does not need SSL.
> >The HTTPS connector uses a a Java keystore with the certificate.
> >
> >I configured Apache Tomcat 8.0.20 with Virtual Hosting.
> >
> >CATALINA_HOME/webapps_a
> >CATALINA_HOME/webapps_b
> >
> >The server.xml has been adjusted.
> >
> ><Engine name="Catalina" defaultHost="b">
> >
> ><Host name="a" appBase="webapps_a" unpackWARs="true" autoDeploy="true">
> > ...
> > </Host>
> >
> ><Host name="b" appBase="webapps_b" unpackWARs="true" autoDeploy="true">
> > ...
> > </Host>
> >
> ></Engine>
> >
> >Both web apps are deployed using ROOT.war. They get unpacked and there
> >are no errors in the log files.
> >
> >Here is my problem. b works fine, but I can't reach a.
> >
> >curl -I http://a.example.com <http://a.example.com/>
> >HTTP/1.1 302 Found
> >Server: Apache-Coyote/1.1
> >Cache-Control: private
> >Expires: Thu, 01 Jan 1970 01:00:00 CET
> >Location: https://a.example.com <https://a.example.com/>
> >Content-Length: 0
> >Date: Mon, 01 Feb 2016 13:52:32 GMT
> >
> >curl -I http://b.example.com <http://b.example.com/>
> >HTTP/1.1 302 Found
> >Server: Apache-Coyote/1.1
> >Cache-Control: private
> >Expires: Thu, 01 Jan 1970 01:00:00 CET
> >Location: https://b.example.com <https://b.example.com/>
> >Content-Length: 0
> >Date: Mon, 01 Feb 2016 13:52:54 GMT
> >
> >The redirect sets Location to https. I know this can't work because I
> >have no
> >certificate for srv.grasmueck.de <http://srv.grasmueck.de/> nor do I
> >need https.
> >
> >And I see the web application `b` instead of `a` despite the error.
> >
> >Do I need a Apache HTTPD fronted?
>
> No. The name of your virtual host (or one of its aliases) must match
> the host header. If they don't match the default host will be used.
>
> Given that you've already told us one of the real host names, you might
> as well show us the real configuration and the real request if you need
> help spotting the configuration error.
>
> Mark
>
Since the information provided shows that both URLs are responding with a 302 redirect to the HTTPS connector with the same hostname as provided, I'd say that his server.xml configuration is working correctly.
Obviously, there is something in both webapps that is forcing the redirect.
Might I suggest the OP take a look at the web.xml file for the A host to see if he can see that it is indeed requesting the redirect? (hint: <security-constraint> section.)
Jeff
Re: Virtual Hosting, HTTP 302 to HTTPS?
Posted by Björn Raupach <ra...@me.com>.
> On 01 Feb 2016, at 17:30, Mark Thomas <ma...@apache.org> wrote:
>
> On 01/02/2016 15:27, Björn Raupach wrote:
>>> On 01 Feb 2016, at 16:20, Mark Thomas <ma...@apache.org> wrote:
>>> On 1 February 2016 14:07:57 GMT+00:00, "Björn Raupach" <ra...@me.com> wrote:
>
> <snip/>
>
>>>> Do I need a Apache HTTPD fronted?
>>>
>>> No. The name of your virtual host (or one of its aliases) must match the host header. If they don't match the default host will be used.
>>>
>>> Given that you've already told us one of the real host names, you might as well show us the real configuration and the real request if you need help spotting the configuration error.
>>
>> And here I am trying to be smart. ;)
>>
>> srv.grasmueck.de <http://srv.grasmueck.de/>
>> isiee.grasmueck.de <http://isiee.grasmueck.de/>
>
> <snip/>
>
>> <Host name="isiee" appBase="webapps_isiee"
>> unpackWARs="true" autoDeploy="true">
>
> <snip/>
>
>> </Host>
>>
>> <Host name="srv" appBase="webapps_srv"
>> unpackWARs="true" autoDeploy="true">
>
> <snip/>
>
>> </Host>
>> </Engine>
>> </Service>
>> </Server>
>
> To repeat: The name of your virtual host (or one of its aliases) must
> match the host header.
>
> You should be using
> <Host name="isiee.grasmueck.de" ...>
> and
> <Host name="srv.grasmueck.de" …>
Thank you for being so patient. This worked!
>
> Mark
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Virtual Hosting, HTTP 302 to HTTPS?
Posted by Mark Thomas <ma...@apache.org>.
On 01/02/2016 15:27, Björn Raupach wrote:
>> On 01 Feb 2016, at 16:20, Mark Thomas <ma...@apache.org> wrote:
>> On 1 February 2016 14:07:57 GMT+00:00, "Björn Raupach" <ra...@me.com> wrote:
<snip/>
>>> Do I need a Apache HTTPD fronted?
>>
>> No. The name of your virtual host (or one of its aliases) must match the host header. If they don't match the default host will be used.
>>
>> Given that you've already told us one of the real host names, you might as well show us the real configuration and the real request if you need help spotting the configuration error.
>
> And here I am trying to be smart. ;)
>
> srv.grasmueck.de <http://srv.grasmueck.de/>
> isiee.grasmueck.de <http://isiee.grasmueck.de/>
<snip/>
> <Host name="isiee" appBase="webapps_isiee"
> unpackWARs="true" autoDeploy="true">
<snip/>
> </Host>
>
> <Host name="srv" appBase="webapps_srv"
> unpackWARs="true" autoDeploy="true">
<snip/>
> </Host>
> </Engine>
> </Service>
> </Server>
To repeat: The name of your virtual host (or one of its aliases) must
match the host header.
You should be using
<Host name="isiee.grasmueck.de" ...>
and
<Host name="srv.grasmueck.de" ...>
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Virtual Hosting, HTTP 302 to HTTPS?
Posted by Björn Raupach <ra...@me.com>.
> On 01 Feb 2016, at 16:20, Mark Thomas <ma...@apache.org> wrote:
>
> On 1 February 2016 14:07:57 GMT+00:00, "Björn Raupach" <ra...@me.com> wrote:
>> Dear group,
>>
>> I have two web applications (a,b) that are both reachable via
>> subdomains:
>>
>> a.example.com <http://a.example.com/>
>> b.example.com <http://b.example.com/>
>>
>> For b.example.com <http://b.example.com/> exists a SSL certificate.
>> a.example.com <http://a.example.com/> does not need SSL.
>> The HTTPS connector uses a a Java keystore with the certificate.
>>
>> I configured Apache Tomcat 8.0.20 with Virtual Hosting.
>>
>> CATALINA_HOME/webapps_a
>> CATALINA_HOME/webapps_b
>>
>> The server.xml has been adjusted.
>>
>> <Engine name="Catalina" defaultHost="b">
>>
>> <Host name="a" appBase="webapps_a" unpackWARs="true" autoDeploy="true">
>> ...
>> </Host>
>>
>> <Host name="b" appBase="webapps_b" unpackWARs="true" autoDeploy="true">
>> ...
>> </Host>
>>
>> </Engine>
>>
>> Both web apps are deployed using ROOT.war. They get unpacked and there
>> are no errors in the log files.
>>
>> Here is my problem. b works fine, but I can't reach a.
>>
>> curl -I http://a.example.com <http://a.example.com/>
>> HTTP/1.1 302 Found
>> Server: Apache-Coyote/1.1
>> Cache-Control: private
>> Expires: Thu, 01 Jan 1970 01:00:00 CET
>> Location: https://a.example.com <https://a.example.com/>
>> Content-Length: 0
>> Date: Mon, 01 Feb 2016 13:52:32 GMT
>>
>> curl -I http://b.example.com <http://b.example.com/>
>> HTTP/1.1 302 Found
>> Server: Apache-Coyote/1.1
>> Cache-Control: private
>> Expires: Thu, 01 Jan 1970 01:00:00 CET
>> Location: https://b.example.com <https://b.example.com/>
>> Content-Length: 0
>> Date: Mon, 01 Feb 2016 13:52:54 GMT
>>
>> The redirect sets Location to https. I know this can't work because I
>> have no
>> certificate for srv.grasmueck.de <http://srv.grasmueck.de/> nor do I
>> need https.
>>
>> And I see the web application `b` instead of `a` despite the error.
>>
>> Do I need a Apache HTTPD fronted?
>
> No. The name of your virtual host (or one of its aliases) must match the host header. If they don't match the default host will be used.
>
> Given that you've already told us one of the real host names, you might as well show us the real configuration and the real request if you need help spotting the configuration error.
And here I am trying to be smart. ;)
srv.grasmueck.de <http://srv.grasmueck.de/>
isiee.grasmueck.de <http://isiee.grasmueck.de/>
Here is my server.xml:
<Server port="8005" shutdown="SHUTDOWN">
<Listener className="org.apache.catalina.startup.VersionLoggerListener" />
<!-- Security listener. Documentation at /docs/config/listeners.html
<Listener className="org.apache.catalina.security.SecurityListener" />
-->
<!--APR library loader. Documentation at /docs/apr.html -->
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
<!-- Prevent memory leaks due to use of particular java/javax APIs-->
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
<!-- Global JNDI resources
Documentation at /docs/jndi-resources-howto.html
-->
<GlobalNamingResources>
<!-- Editable user database that can also be used by
UserDatabaseRealm to authenticate users
-->
<Resource auth="Container"
driverClassName="com.mysql.jdbc.Driver"
factory="org.apache.tomcat.jdbc.pool.DataSourceFactory"
jdbcInterceptors="org.apache.tomcat.jdbc.pool.interceptor.ConnectionState;org.apache.tomcat.jdbc.pool.interceptor.StatementFinalizer"
validationQuery="/* ping */"
testWhileIdle="true"
removeAbandoned="true"
removeAbandonedTimeout="60"
name="jdbc/gsdb"
username="gs"
password="*********"
type="javax.sql.DataSource"
url="jdbc:mysql://172.31.19.88/gsdb?noAccessToProcedureBodies=true" />
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
</GlobalNamingResources>
<!-- A "Service" is a collection of one or more "Connectors" that share
a single "Container" Note: A "Service" is not itself a "Container",
so you may not define subcomponents such as "Valves" at this level.
Documentation at /docs/config/service.html
-->
<Service name="Catalina">
<!--The connectors can use a shared executor, you can define one or more named thread pools-->
<!--
<Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
maxThreads="150" minSpareThreads="4"/>
-->
<!-- A "Connector" represents an endpoint by which requests are received
and responses are returned. Documentation at :
Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
Java AJP Connector: /docs/config/ajp.html
APR (HTTP/AJP) Connector: /docs/apr.html
Define a non-SSL/TLS HTTP/1.1 Connector on port 8080
-->
<Connector port="80" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="443" />
<!-- A "Connector" using the shared thread pool-->
<!--
<Connector executor="tomcatThreadPool"
port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
-->
<!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443
This connector uses the NIO implementation that requires the JSSE
style configuration. When using the APR/native implementation, the
OpenSSL style configuration is required as described in the APR/native
documentation -->
<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="/opt/apache-tomcat-8.0.20/conf/keystore" />
<!-- Define an AJP 1.3 Connector on port 8009 -->
<!--
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
-->
<!-- An Engine represents the entry point (within Catalina) that processes
every request. The Engine implementation for Tomcat stand alone
analyzes the HTTP headers included with the request, and passes them
on to the appropriate Host (virtual host).
Documentation at /docs/config/engine.html -->
<!-- You should set jvmRoute to support load-balancing via AJP ie :
<Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
-->
<Engine name="Catalina" defaultHost="isiee">
<!--For clustering, please take a look at documentation at:
/docs/cluster-howto.html (simple how to)
/docs/config/cluster.html (reference documentation) -->
<!--
<Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
-->
<!-- Use the LockOutRealm to prevent attempts to guess user passwords
via a brute-force attack -->
<Realm className="org.apache.catalina.realm.LockOutRealm">
<!-- This Realm uses the UserDatabase configured in the global JNDI
resources under the key "UserDatabase". Any edits
that are performed against this UserDatabase are immediately
available for use by the Realm. -->
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
</Realm>
<Host name="isiee" appBase="webapps_isiee"
unpackWARs="true" autoDeploy="true">
<!-- SingleSignOn valve, share authentication between web applications
Documentation at: /docs/config/valve.html -->
<!--
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
-->
<!-- Access log processes all example.
Documentation at: /docs/config/valve.html
Note: The pattern used is equivalent to using pattern="common" -->
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="isiee_access_log" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
<Host name="srv" appBase="webapps_srv"
unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="srv_access_log" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
</Engine>
</Service>
</Server>
>
> Mark
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
Re: Virtual Hosting, HTTP 302 to HTTPS?
Posted by Mark Thomas <ma...@apache.org>.
On 1 February 2016 14:07:57 GMT+00:00, "Björn Raupach" <ra...@me.com> wrote:
>Dear group,
>
>I have two web applications (a,b) that are both reachable via
>subdomains:
>
>a.example.com <http://a.example.com/>
>b.example.com <http://b.example.com/>
>
>For b.example.com <http://b.example.com/> exists a SSL certificate.
>a.example.com <http://a.example.com/> does not need SSL.
>The HTTPS connector uses a a Java keystore with the certificate.
>
>I configured Apache Tomcat 8.0.20 with Virtual Hosting.
>
>CATALINA_HOME/webapps_a
>CATALINA_HOME/webapps_b
>
>The server.xml has been adjusted.
>
><Engine name="Catalina" defaultHost="b">
>
><Host name="a" appBase="webapps_a" unpackWARs="true" autoDeploy="true">
> ...
> </Host>
>
><Host name="b" appBase="webapps_b" unpackWARs="true" autoDeploy="true">
> ...
> </Host>
>
></Engine>
>
>Both web apps are deployed using ROOT.war. They get unpacked and there
>are no errors in the log files.
>
>Here is my problem. b works fine, but I can't reach a.
>
>curl -I http://a.example.com <http://a.example.com/>
>HTTP/1.1 302 Found
>Server: Apache-Coyote/1.1
>Cache-Control: private
>Expires: Thu, 01 Jan 1970 01:00:00 CET
>Location: https://a.example.com <https://a.example.com/>
>Content-Length: 0
>Date: Mon, 01 Feb 2016 13:52:32 GMT
>
>curl -I http://b.example.com <http://b.example.com/>
>HTTP/1.1 302 Found
>Server: Apache-Coyote/1.1
>Cache-Control: private
>Expires: Thu, 01 Jan 1970 01:00:00 CET
>Location: https://b.example.com <https://b.example.com/>
>Content-Length: 0
>Date: Mon, 01 Feb 2016 13:52:54 GMT
>
>The redirect sets Location to https. I know this can't work because I
>have no
>certificate for srv.grasmueck.de <http://srv.grasmueck.de/> nor do I
>need https.
>
>And I see the web application `b` instead of `a` despite the error.
>
>Do I need a Apache HTTPD fronted?
No. The name of your virtual host (or one of its aliases) must match the host header. If they don't match the default host will be used.
Given that you've already told us one of the real host names, you might as well show us the real configuration and the real request if you need help spotting the configuration error.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org