You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Ryan Stewart <zz...@go.com> on 2004/06/05 05:24:52 UTC
Tomcat 4.1.30 HTTP->HTTPS redirect problem (second attempt)
I posted a question about this about a week ago, but haven't seen any reply.
I've set up Tomcat 4.1.30 for secure access via SSL. Unsecure port is 8080, secure port is 8081. I use Tomcat for J2EE application development, and the problem is related to that. Using basic authentication, things work fine. When I move from an unsecure to a secure area of my application, the dialog box pops up and upon entering the correct user/password, I'm redirected to the secure port. However, if I change to form based authentication, when trying to send me to the login form, it sends me to the unsecure port using https. In other words:
https://localhost:8080/secureApp/login.jsp
It should be sending me to 8081. Any clue why this would happen? Snippets from my connectors in server.xml are below. If you need other info, just ask.
<Connector className="org.apache.coyote.tomcat4.CoyoteConnector" ...
port="8080" ... redirectPort="8081" scheme="http" secure="false" ...>
<Factory
className="org.apache.catalina.net.DefaultServerSocketFactory"/>
</Connector>
<Connector className="org.apache.coyote.tomcat4.CoyoteConnector" ...
port="8009" ... redirectPort="8081" scheme="http" secure="false" ... >
<Factory
className="org.apache.catalina.net.DefaultServerSocketFactory"/>
</Connector>
<Connector className="org.apache.catalina.connector.http.HttpConnector"
port="8081" ... scheme="https" secure="true">
<Factory className="org.apache.catalina.net.SSLServerSocketFactory"
clientAuth="false" keystoreFile=".keystore" protocol="TLS"/>
</Connector>
___________________________________________________
Check-out GO.com
GO get your free GO E-Mail account with expanded storage of 6 MB!
http://mail.go.com
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Tomcat 4.1.30 HTTP->HTTPS redirect problem (second attempt)
Posted by Bill Barker <wb...@wilshire.com>.
This is a pretty well known bug in MSIE. The short version is that that TC
4.1.x sends two redirects to get you to the login page, and MSIE gets
confused. The options to get around this are:
1) Don't use MSIE.
2) Use the default SSL port (e.g. 443).
3) Use TC 5.0.x instead of TC 4.1.x.
"Ryan Stewart" <zz...@go.com> wrote in message
news:6762920.1086405892709.JavaMail.zzantozz@gomailjtp03...
> I posted a question about this about a week ago, but haven't seen any
reply.
>
> I've set up Tomcat 4.1.30 for secure access via SSL. Unsecure port is
8080, secure port is 8081. I use Tomcat for J2EE application development,
and the problem is related to that. Using basic authentication, things work
fine. When I move from an unsecure to a secure area of my application, the
dialog box pops up and upon entering the correct user/password, I'm
redirected to the secure port. However, if I change to form based
authentication, when trying to send me to the login form, it sends me to the
unsecure port using https. In other words:
> https://localhost:8080/secureApp/login.jsp
>
> It should be sending me to 8081. Any clue why this would happen? Snippets
from my connectors in server.xml are below. If you need other info, just
ask.
>
> <Connector className="org.apache.coyote.tomcat4.CoyoteConnector" ...
> port="8080" ... redirectPort="8081" scheme="http" secure="false" ...>
> <Factory
> className="org.apache.catalina.net.DefaultServerSocketFactory"/>
> </Connector>
> <Connector className="org.apache.coyote.tomcat4.CoyoteConnector" ...
> port="8009" ... redirectPort="8081" scheme="http" secure="false" ... >
> <Factory
> className="org.apache.catalina.net.DefaultServerSocketFactory"/>
> </Connector>
> <Connector className="org.apache.catalina.connector.http.HttpConnector"
> port="8081" ... scheme="https" secure="true">
> <Factory className="org.apache.catalina.net.SSLServerSocketFactory"
> clientAuth="false" keystoreFile=".keystore" protocol="TLS"/>
> </Connector>
>
>
> ___________________________________________________
> Check-out GO.com
> GO get your free GO E-Mail account with expanded storage of 6 MB!
> http://mail.go.com
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org