You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Eddie Bush <ek...@swbell.net> on 2002/06/28 13:31:43 UTC
Help please! ... please?
I'm having a problem getting Tomcat to redirect certain http traffic to
https. Here is what I can do thus far:
1) I can access http content just fine
2) I can access https content just fine
What I can't do:
1) I cannot seem to manage to get Tomcat to do a successful redirection
from http to https when I have page(s) secured by a security-constraint
with a transport-guarantee of "CONFIDENTIAL". If I access the same
document(s) over https, everything works smoothly.
My Configuration:
RedHat Linux 7.2
Apache 1.3.22
Tomcat 4.0.3
WARP Connector (I'd be interested in where I can get jk/ajp connectors
and documentation!)
Secure pages are also protected by roles (JDBCRealm)
My observations:
As stated above, I can access http/https traffic without any problem
whatsoever as long as I type the appropriate scheme in the address bar.
If I attempt to access a given page that is secured with a
transport-guarantee of CONFIDENTIAL over http, I do get some sort of
switch - but I get an (attempted?) error page. The page only shows as
"Document contains no data" though.
Would someone have a suggestion? I honestly don't know where to go from
here. I saw somewhere in the archive that someone had redirects going
under 4.0.3, but they didn't explicitly state they were using Tomcat to
do it - they could be using a work-around. I emailed them anyway -
haven't heard back though.
Many thanks in advance!
Eddie Bush
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Help please! ... please?
Posted by Eddie Bush <ek...@swbell.net>.
Ok, when I commented out the roles, I failed to comment out the security-role
element as well - that's why I was getting the 404. I'm getting a 200 on it now
(that's success, right?) - but I get a blank page. I'm not transferred to SSL.
There is nothing in any of the logs to indicate there was even a failure.
Again - I'm running:
RedHat Linux 7.2 - kernel is v2.4.9-13
Tomcat v4.0.3 (from RPM installation)
Apache 1.3.22
ANY suggestions would be most appreciated!
Thank You!
Eddie
Eddie Bush wrote:
> I removed the role constraint - and left the transport-guarantee CONFIDENTIAL -
> and it still doesn't work. It's issuing a 404. I have virtual hosts set up
> under Apache for both standard (port 80) and SSL (port 443) ports. I do have
> the application mounted under both virtual hosts. I really should not be
> getting a 404. Could someone give me a suggestion, please?
>
> Thanks!
>
> Eddie
>
> Eddie Bush wrote:
>
> > I'm having a problem getting Tomcat to redirect certain http traffic to
> > https. Here is what I can do thus far:
> >
> > 1) I can access http content just fine
> > 2) I can access https content just fine
> >
> > What I can't do:
> >
> > 1) I cannot seem to manage to get Tomcat to do a successful redirection
> > from http to https when I have page(s) secured by a security-constraint
> > with a transport-guarantee of "CONFIDENTIAL". If I access the same
> > document(s) over https, everything works smoothly.
> >
> > My Configuration:
> >
> > RedHat Linux 7.2
> > Apache 1.3.22
> > Tomcat 4.0.3
> > WARP Connector (I'd be interested in where I can get jk/ajp connectors
> > and documentation!)
> > Secure pages are also protected by roles (JDBCRealm)
> >
> > My observations:
> > As stated above, I can access http/https traffic without any problem
> > whatsoever as long as I type the appropriate scheme in the address bar.
> > If I attempt to access a given page that is secured with a
> > transport-guarantee of CONFIDENTIAL over http, I do get some sort of
> > switch - but I get an (attempted?) error page. The page only shows as
> > "Document contains no data" though.
> >
> > Would someone have a suggestion? I honestly don't know where to go from
> > here. I saw somewhere in the archive that someone had redirects going
> > under 4.0.3, but they didn't explicitly state they were using Tomcat to
> > do it - they could be using a work-around. I emailed them anyway -
> > haven't heard back though.
> >
> > Many thanks in advance!
> >
> > Eddie Bush
> >
> > --
> > To unsubscribe, e-mail: <ma...@jakarta.apache.org>
> > For additional commands, e-mail: <ma...@jakarta.apache.org>
>
> --
> To unsubscribe, e-mail: <ma...@jakarta.apache.org>
> For additional commands, e-mail: <ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Help please! ... please?
Posted by Eddie Bush <ek...@swbell.net>.
I removed the role constraint - and left the transport-guarantee CONFIDENTIAL -
and it still doesn't work. It's issuing a 404. I have virtual hosts set up
under Apache for both standard (port 80) and SSL (port 443) ports. I do have
the application mounted under both virtual hosts. I really should not be
getting a 404. Could someone give me a suggestion, please?
Thanks!
Eddie
Eddie Bush wrote:
> I'm having a problem getting Tomcat to redirect certain http traffic to
> https. Here is what I can do thus far:
>
> 1) I can access http content just fine
> 2) I can access https content just fine
>
> What I can't do:
>
> 1) I cannot seem to manage to get Tomcat to do a successful redirection
> from http to https when I have page(s) secured by a security-constraint
> with a transport-guarantee of "CONFIDENTIAL". If I access the same
> document(s) over https, everything works smoothly.
>
> My Configuration:
>
> RedHat Linux 7.2
> Apache 1.3.22
> Tomcat 4.0.3
> WARP Connector (I'd be interested in where I can get jk/ajp connectors
> and documentation!)
> Secure pages are also protected by roles (JDBCRealm)
>
> My observations:
> As stated above, I can access http/https traffic without any problem
> whatsoever as long as I type the appropriate scheme in the address bar.
> If I attempt to access a given page that is secured with a
> transport-guarantee of CONFIDENTIAL over http, I do get some sort of
> switch - but I get an (attempted?) error page. The page only shows as
> "Document contains no data" though.
>
> Would someone have a suggestion? I honestly don't know where to go from
> here. I saw somewhere in the archive that someone had redirects going
> under 4.0.3, but they didn't explicitly state they were using Tomcat to
> do it - they could be using a work-around. I emailed them anyway -
> haven't heard back though.
>
> Many thanks in advance!
>
> Eddie Bush
>
> --
> To unsubscribe, e-mail: <ma...@jakarta.apache.org>
> For additional commands, e-mail: <ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>