You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by raveendra <ra...@gmail.com> on 2008/08/21 15:47:27 UTC
HTTPConnector url redirection
Hi all,
I am want to run my entire application on https which is developed using
struts2.So i configured my server.xml and web.xml as shown below.
server.xml--------
<Connector port="8080" protocol="HTTP/1.1"
maxThreads="150" connectionTimeout="20000"
redirectPort="8443" />
<Connector port="8443" protocol="HTTP/1.1"
minSpareThreads="5" maxSpareThreads="75"
enableLookups="true" disableUploadTimeout="true"
acceptCount="100" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="C:/Tomcat 6.0/conf/airo/.keystore"
keystorePass="mypassword"
clientAuth="false" sslProtocol="SSL"/>
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
web.xml----------
<security-constraint>
<web-resource-collection>
<web-resource-name>ama</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
when i type url http://localhost:8080/myapp/start.action it is getting
redirected to https://localhost:8443/myapp/start.action.
But after accepting the certificate and loading the page.If i change my url
to http://localhost:8443/myapp/start.action just by removing 's' it is
loading the pages
with some GUI errors and after traversing couple of pages it is logging
out.I don't want it to happen.
When user remove 's' from url i want to redirect to same url with
https.Suppose if they remove 's' and it is
http://localhost:8080/myapp/start.action and load the page
i want it to redirected to https://localhost:8080/myapp/start.action.
Re: HTTPConnector url redirection
Posted by David Smith <dn...@cornell.edu>.
Just as a thought, but I've seen on occasion where Firefox in particular
will offer up cached content when something goes haywire with the
request. As a test, when you drop the s from https (leaving the port
number on the end), try to reload w/ the shift key down to force your
browser to drop cached content in favor of fresh material. I'm willing
to bet it'll just give you garbage because the server will offer up a
SSL handshake and the browser will accept it as an html response.
Now if your URLs didn't have the port numbers in them (tomcat using port
80 for http and 443 for https) and you dropped the s from https, the
browser would connect on port 80 instead of 443 and the redirection
would happen again the way you are expecting.
--David
raveendra wrote:
> Yes i am sure, initially when i type my default url
> http://localhost:8080/myapp/start.action
> it is getting redirected to https://localhost:8443/myapp/start.action.
>
> But after accepting certificate and page is loaded if i remove "s" from
> redirected url it is still
> loading the page.It shouldn't even connect to the server as you said.I want
> it to happen if any one remove "s" and try to reload the page.
>
> Note : http://localhost:8443/myapp/start.action in this url the port no is
> secure port no.Here with http as protocol we are trying to connect to a port
> which is https.
>
> Could you please help me?
>
> Thanks for your reply,
>
> On Thu, Aug 21, 2008 at 10:34 PM, Christopher Schultz <
> chris@christopherschultz.net> wrote:
>
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Raveendra,
>>
>> raveendra wrote:
>>
>>> But after accepting the certificate and loading the page.If i change my
>>>
>> url
>>
>>> to http://localhost:8443/myapp/start.action just by removing 's' it is
>>> loading the pages
>>> with some GUI errors and after traversing couple of pages it is logging
>>> out.
>>>
>> Are you sure? Trying to get your web browser to connect using HTTP to a
>> server expecting HTTPS should not even be able to make a connection,
>> much less give you broken pages.
>>
>> Can you double-check all URLs and be very careful about copying and
>> pasting them?
>>
>> - -chris
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.9 (MingW32)
>> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>>
>> iEYEARECAAYFAkitoCYACgkQ9CaO5/Lv0PD9DwCffAfZwA4DgY3E5xmr11vFBsZK
>> y1sAoMBW9x5JRnzrVQUALWow40fod3eQ
>> =nlbZ
>> -----END PGP SIGNATURE-----
>>
>>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: HTTPConnector url redirection
Posted by raveendra <ra...@gmail.com>.
Yes i am sure, initially when i type my default url
http://localhost:8080/myapp/start.action
it is getting redirected to https://localhost:8443/myapp/start.action.
But after accepting certificate and page is loaded if i remove "s" from
redirected url it is still
loading the page.It shouldn't even connect to the server as you said.I want
it to happen if any one remove "s" and try to reload the page.
Note : http://localhost:8443/myapp/start.action in this url the port no is
secure port no.Here with http as protocol we are trying to connect to a port
which is https.
Could you please help me?
Thanks for your reply,
On Thu, Aug 21, 2008 at 10:34 PM, Christopher Schultz <
chris@christopherschultz.net> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Raveendra,
>
> raveendra wrote:
> > But after accepting the certificate and loading the page.If i change my
> url
> > to http://localhost:8443/myapp/start.action just by removing 's' it is
> > loading the pages
> > with some GUI errors and after traversing couple of pages it is logging
> > out.
>
> Are you sure? Trying to get your web browser to connect using HTTP to a
> server expecting HTTPS should not even be able to make a connection,
> much less give you broken pages.
>
> Can you double-check all URLs and be very careful about copying and
> pasting them?
>
> - -chris
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iEYEARECAAYFAkitoCYACgkQ9CaO5/Lv0PD9DwCffAfZwA4DgY3E5xmr11vFBsZK
> y1sAoMBW9x5JRnzrVQUALWow40fod3eQ
> =nlbZ
> -----END PGP SIGNATURE-----
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
Re: HTTPConnector url redirection
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Raveendra,
raveendra wrote:
> But after accepting the certificate and loading the page.If i change my url
> to http://localhost:8443/myapp/start.action just by removing 's' it is
> loading the pages
> with some GUI errors and after traversing couple of pages it is logging
> out.
Are you sure? Trying to get your web browser to connect using HTTP to a
server expecting HTTPS should not even be able to make a connection,
much less give you broken pages.
Can you double-check all URLs and be very careful about copying and
pasting them?
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkitoCYACgkQ9CaO5/Lv0PD9DwCffAfZwA4DgY3E5xmr11vFBsZK
y1sAoMBW9x5JRnzrVQUALWow40fod3eQ
=nlbZ
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org