Re: [users@httpd] https to http proxy with Apache

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Boyle Owen wrote:

Let's focus on this bit:
however whenever there is an incoming POST from a form in the web application, the response from the Tomcat causes a switch to HTTP, where I need it to remain HTTPS. 

I'm not sure I completely understand.. When you say, "causes a switch to HTTP", I assume you mean that after you submit the form, the browser address window changes to "http" (typically, this would be the acknowledgement page). If so, then the browser must be getting a redirect that tells it to do this.

If not, can you explain in more detail exactly what happens at this point.
Well, essentially, what I'm trying to accomplish is this method of load balancing: 

http://tomcat.apache.org/tomcat-5.0-doc/balancer-howto.html#Using%20Apache%202%20with%20mod_proxy%20and%20mod_rewrite
but have the connection between the browser and the Apache httpd be over https instead of http. The problem that I'm seeing is that some of the URLs that come from the Tomcat managed application lose the https and revert back to http. It looks like it happens only in actions that originate from the web application. When I posted my message yesterday, I suspected that it had something to do with POST, but upon further investigation, I think it happens with any URL, which originates from Tomcat, (and consequently, it happens with POST request processing, since the resulting URL is determined by the web application). For example, there is a login screen in the web application. Getting to the login screen over https is no problem, and it renders correctly. When I fill in the user id and password and click the login button, this causes the form to be submitted to the servlet which processes it and determines the forwarding action (i.e. the URL the first screen of the application). The problem is that the URL of this forwarding action is now HTTP instead of HTTPS when it gets back to the browser.
I hope that makes it a little clearer, it's kind of difficult to explain in email messages. 



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux