On 11/12/2014 19:12, Jesse Barnum wrote: > I have IIS 7 running with an SSL certificate. It receives HTTPS requests, and > using ARR, it proxies them over HTTP to Tomcat. This works fine. > > The problem is that when we call HttpServletRequest.isSecure(), it returns > false. This makes sense, since the request to tomcat is HTTP, but it’s not > correct from the user’s standpoint, who is using HTTPS. > > Is there a recommended way to configure ARR with Tomcat so that the original > HTTPS protocol can be recognized by Tomcat?
Set the secure attribute on the connector to "true" but make sure you only proxy requests originally received over HTTPS to it. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
