Re: [users@httpd] Apache 2.2.11 with Reverse Proxy(HTTPS not consistent)

[Krist van Besien <kr...@gmail.com>]

On Fri, Aug 28, 2009 at 9:16 AM, Andy Ee<an...@sysatwork.com> wrote:

> My IE browser is able to establish a HTTPS session to the web application
> without a problem. There is a username/password authentication form and I am
> able to login as well. Here’s the problem. Whenever after I logged in, the
> HTTPS session breaks and becomes HTTP. I can still browse around the site
> and do functions on HTTP session.

This is probably caused by your tomcat application. Many web
applications send a "redirect" after a user logs in, and if the
application doesn't know it has to send a https redirect it will send
a http redirect.

There are several things you can do:
1) Configure your tomcat application so that it sends https redirects
back. Often an application has a parameter with something like "base
url" or something like that. This should be set to the external url.
This is the best solution.
2) Use a ProxyPassReverse statement to rewrite redirects as they come
from the Tomcat server and are passed on to your users.
3) Use a rewrite rule to redirect incoming http requests to https.

1) is the best, 2) is also ok. 3) is a kludge.

A good way to debug problems like that is to use a proper browser like
Firefox, together with firefox extentions like Firebug and
LiveHTTPHeaders.

Krist



-- 
krist.vanbesien@gmail.com
krist@vanbesien.org
Bremgarten b. Bern, Switzerland
--
A: It reverses the normal flow of conversation.
Q: What's wrong with top-posting?
A: Top-posting.
Q: What's the biggest scourge on plain text email discussions?

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org