You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Markus Schönhaber <ma...@schoenhaber.de> on 2005/07/25 14:16:12 UTC
Tomcat 5.5.10: APR-SSL generates wrong 302 response
Hello!
I've configured Tomcat 5.5.10 to use APR. The HTTP-Connector listens on port
80, the HTTPS-Connector listens on port 443. A request for
https://www/tomcat-docs
generates the following response:
GET /tomcat-docs HTTP/1.1
Host: www
User-Agent: Mozilla/5.0 (X11; U; Linux i686; de-DE; rv:1.8b4) Gecko/20050721
Firefox/1.0+
Accept:
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
HTTP/1.x 302 Moved Temporarily
Server: Apache-Coyote/1.1
Location: https://www:80/tomcat-docs/
Transfer-Encoding: chunked
Date: Mon, 25 Jul 2005 11:57:39 GMT
Obviously this doesn't work since since the redirection response tells the
browser to connect to the HTTP port using HTTPS.
This problem does *not* occur if:
- The request is for https://www/tomcat-docs/ (no surprise since no redirect
response is generated in this case).
- The HTTPS-Connector is configured to listen on port 8443 (or propably any
other non-standard HTTPS-port - but I haven't tried).
- APR isn't used at all.
BTW: tomcat-docs is just an example. With other web-apps thre's the same
problem.
Regards
mks
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Tomcat 5.5.10: APR-SSL generates wrong 302 response
Posted by Markus Schönhaber <ma...@schoenhaber.de>.
Am Montag, 25. Juli 2005 17:39 schrieb Remy Maucherat:
>
> There's indeed a cut & paste error (the default ports for HTTP and
> HTTPS are inverted), so you need to add an extra '!':
>
> Index: Http11AprProcessor.java
> ===================================================================
> RCS file:
> /home/cvs/jakarta-tomcat-connectors/http11/src/java/org/apache/coyote/http1
>1/Http11AprProcessor.java,v retrieving revision 1.25
> retrieving revision 1.26
> diff -u -r1.25 -r1.26
> --- Http11AprProcessor.java 13 Jul 2005 13:03:51 -0000 1.25
> +++ Http11AprProcessor.java 25 Jul 2005 15:32:48 -0000 1.26
> @@ -1422,8 +1422,8 @@
> }
>
> if (colonPos < 0) {
> - if (ssl) {
> - // 80 - Default HTTTP port
> + if (!ssl) {
> + // 80 - Default HTTP port
> request.setServerPort(80);
> } else {
> // 443 - Default HTTPS port
>
>
> Using proxyPort="443" should be a decent workaround.
Great! Thanks for the quick response.
Regards
mks
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Tomcat 5.5.10: APR-SSL generates wrong 302 response
Posted by Remy Maucherat <re...@gmail.com>.
On 7/25/05, Markus Schönhaber <ma...@schoenhaber.de> wrote:
> Hello!
>
> I've configured Tomcat 5.5.10 to use APR. The HTTP-Connector listens on port
> 80, the HTTPS-Connector listens on port 443. A request for
> https://www/tomcat-docs
> generates the following response:
>
> GET /tomcat-docs HTTP/1.1
> Host: www
> User-Agent: Mozilla/5.0 (X11; U; Linux i686; de-DE; rv:1.8b4) Gecko/20050721
> Firefox/1.0+
> Accept:
> text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
> Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3
> Accept-Encoding: gzip,deflate
> Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
> Keep-Alive: 300
> Connection: keep-alive
>
> HTTP/1.x 302 Moved Temporarily
> Server: Apache-Coyote/1.1
> Location: https://www:80/tomcat-docs/
> Transfer-Encoding: chunked
> Date: Mon, 25 Jul 2005 11:57:39 GMT
>
> Obviously this doesn't work since since the redirection response tells the
> browser to connect to the HTTP port using HTTPS.
> This problem does *not* occur if:
> - The request is for https://www/tomcat-docs/ (no surprise since no redirect
> response is generated in this case).
> - The HTTPS-Connector is configured to listen on port 8443 (or propably any
> other non-standard HTTPS-port - but I haven't tried).
> - APR isn't used at all.
There's indeed a cut & paste error (the default ports for HTTP and
HTTPS are inverted), so you need to add an extra '!':
Index: Http11AprProcessor.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-connectors/http11/src/java/org/apache/coyote/http11/Http11AprProcessor.java,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -r1.25 -r1.26
--- Http11AprProcessor.java 13 Jul 2005 13:03:51 -0000 1.25
+++ Http11AprProcessor.java 25 Jul 2005 15:32:48 -0000 1.26
@@ -1422,8 +1422,8 @@
}
if (colonPos < 0) {
- if (ssl) {
- // 80 - Default HTTTP port
+ if (!ssl) {
+ // 80 - Default HTTP port
request.setServerPort(80);
} else {
// 443 - Default HTTPS port
Using proxyPort="443" should be a decent workaround.
--
xxxxxxxxxxxxxxxxxxxxxxxxx
Rémy Maucherat
Developer & Consultant
JBoss Group (Europe) SàRL
xxxxxxxxxxxxxxxxxxxxxxxxx
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org