Hi Chris,

>
> IMHO removing the port number is always the preferred solution — I never
> did it
>
>>
>> Can we achieve this with Tomcat, or do we need to set up a reverse proxy here?
>>
>
> Your application uses whatever internal URLs it wants. Are you building
> those yourself, or are you asking Tomcat for the e.g. hostname, etc.? If
> it's Tomcat, this is where the proxyName and proxyPort come in.

 - Yes, I have not built these URLs before. It was working from the very
beginning. As I mentioned, we are not able to reach the goal or whatever.

Rather than saying redirection, I would say it's aliasing.
Instead of moving applications or changing the Tomcat configuration, is it
easier to achieve this with a reverse proxy?

https://example.lbg.com/ to https://server.lbg.com:8443/towl

Kindly let me know what's the best way.

Thanks,
Ammu




>
> -chris
>
> On Mon, May 13, 2024 at 10:17 PM lavanya tech <lavanyatech...@gmail.com>
> wrote:
>
> Hi Chris,
>
> Sorry if I confused you. It's important that
> https://server.lbg.com:8443/towl is always working. The goal is not to
> disable /towl, but just to redirect or alias
>
> https://example.lbg.com/ to https://server.lbg.com:8443/towl
>
>
>
>
> Thanks,
> Lavanya
>
> On Monday, May 13, 2024, Christopher Schultz <ch...@christopherschultz.net>
> wrote:
>
> Lavanya,
>
> On 5/13/24 05:57, lavanya tech wrote:
>
> Somehow I made it work. Now I can only access the URLs as you mentioned
> before, https://example.lbg.com and https://server.lbg.com, with port 8443
> and without;
>
>    https://example.lbg.com/towl and https://server.lbg.com/towl --> I
> now have an error: File not found.
>
> So I think we need to make https://example.lbg.com/ work to
> https://server.lbg.com/towl
>
>
> I'm sorry, I'm still confused as to which way you want things.
>
> Do you want to redirect /towl -> / or do you want to redirect / -> /towl?
>
> Or does it depend upon the hostname? It would really be better if you
> could settle on one specific behavior.
>
> -chris
>
> On Mon, May 13, 2024 at 9:41 AM lavanya tech <lavanyatech...@gmail.com>
>
> wrote:
>
> Hi Chris,
>
>
> Where are you defining the RewriteValve itself?
>
> Defined the RewriteValve here
>         <Host name="localhost"  appBase="webapps"
>               unpackWARs="true" autoDeploy="true">
>
>             <Valve className="org.apache.catalina.valves.rewrite.RewriteValve"
>                    resource="conf/rewrite.config" />
>
> 2) Created rewrite.config and added as below under conf/
>
>    RewriteCond %{REQUEST_URI} ^/towl/(.*)
>    RewriteRule ^/towl/(.*) https://example.lbg.com/%1 [R]
>
> 3) After renaming towl to ROOT -> /webapps/ROOT/WEB-INF/web.xml (I
> already have this mapping /* in the web.xml file)
>
>      <security-constraint>
>         <web-resource-collection>
>           <web-resource-name>Logging Area</web-resource-name>
>           <description>
>           Authentication for registered users.
>           </description>
>           <url-pattern>/*</url-pattern>
>           <!-- protect search endpoint whitelisted above -->
>           <url-pattern>/api/v1/search</url-pattern>
>           <!-- protect suggest endpoint whitelisted above -->
>           <url-pattern>/api/v1/suggest/*</url-pattern>
>         </web-resource-collection>
>           <auth-constraint>
>               <role-name>LDAP_USER</role-name>
>               <role-name>api</role-name>
>           </auth-constraint>
>       </security-constraint>
>
> 4) Restarted Tomcat. Then I cannot access
> https://server.lbg.com:8443/towl
> --> Have the below error
>
> Message java.nio.file.NoSuchFileException:
> /git/apache-tomcat-10.1.11/webapps/towl/WEB-INF/lib/xss-1.0.8.jar
>
> Description The server encountered an unexpected condition that
> prevented it from fulfilling the request.
>
> 5) Also https://example.lbg.com does not work anymore
>
> Before you do anything with redirecting, can you just make sure you are
> only deploying ROOT.war and nothing else?
>       How can I do that? I already changed towl.war to ROOT.war
>
> But still both the URLs have the error as mentioned above.
>
>
> So I reverted the changes.
> That's weird. Try stopping, deleting the work/ directory and restarting.
> --> I have this weird behavior for some reason, though index.jsp is
> located there and no changes were made to the file. After deleting cookies
> the URL works.
>
> Where am I going wrong?
>
> Thanks,
> Lavanya
>
>
> On Fri, May 10, 2024 at 6:50 PM Christopher Schultz <
> ch...@christopherschultz.net> wrote:
>
> Lavanya,
>
>
> On 5/10/24 04:37, lavanya tech wrote:
>
> I tried the below and have the issues.
>
> 1) proxyPort="443" and proxyName="example.lbg.com" to the connector
> 2) renamed towl.war to ROOT.war
> 3) created rewrite.config and added as below under conf/
>
>
> Where are you defining the RewriteValve itself?
>
> RewriteCond %{REQUEST_URI} ^/towl/(.*)
>
> RewriteRule ^/towl/(.*) https://example.lbg.com/%1 [R]
>
>
> If this is being handled by the ROOT servlet then I think it's right.
>
> 4) added this in the web.xml file of /webapps/towl/web.xml/
>
>
>      <!-- Servlet mappings -->
>        <!-- Add your existing servlet mappings here -->
>
>        <!-- Security constraint to restrict access to /towl path -->
>        <security-constraint>
>            <web-resource-collection>
>                <web-resource-name>Restricted Access to /towl</web-resource-name>
>                <url-pattern>/towl/*</url-pattern>
>
>
> No, this is wrong. Since this is the "towl" application and not ROOT,
> you want to map /* and not /towl/* because the application will never
> see the /towl/ as it's an application/context prefix that Tomcat will
> remove.
>
>            </web-resource-collection>
>
>            <auth-constraint>
>                <!-- Deny access to all roles -->
>            </auth-constraint>
>        </security-constraint>
>
> Also I noticed that even if I rename the towl application to ROOT, when
> I call the URL https://example.lbg.com/towl --> this towl directory is
> getting created under webapps by default
>
>
> If webapps/towl is being created, then it's happening for some other
> reason. Do you have anything under conf/Catalina/*/towl.xml which points
> to a WAR file or something? If so, remove that.
>
> 5) Restarted Tomcat and I have the below error and all the URLs have the
> same issue
>
> Message org.apache.jasper.JasperException:
> java.lang.ClassNotFoundException: org.apache.jsp.index_jsp
>
>
> That's weird. Try stopping, deleting the work/ directory and
> restarting.
>
> Description The server encountered an unexpected condition that
> prevented it from fulfilling the request.
>
> Exception
>
> org.apache.jasper.JasperException: org.apache.jasper.JasperException:
> java.lang.ClassNotFoundException: org.apache.jsp.index_jsp
>
> org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:578)
> org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:422)
> org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:380)
> org.apache.jasper.servlet.JspServlet.service(JspServlet.java:328)
> jakarta.servlet.http.HttpServlet.service(HttpServlet.java:658)
> org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51)
>
>
> Before you do anything with redirecting, can you just make sure you are
> only deploying ROOT.war and nothing else?
>
> This should allow you to reach the application at both
> https://example.lbg.com/ and https://server.lbg.com/ as well as both of
> those with port 8443.
>
> Then use the applications and make sure they are working as expected.
> Then, we'll add the /towl handling.
>
> -chris
>
> On Thu, May 9, 2024 at 11:20 PM Christopher Schultz <
> ch...@christopherschultz.net> wrote:
>
> Lavanya,
>
>
> On 5/9/24 13:48, lavanya tech wrote:
>
> Thank you so much for your explanation. I will try these options.
>
> Do server and example both resolve to the same IP?
>             -yes
>
>
> Good, that significantly reduces the complexity required, since you can
> do it with a single process (Tomcat) in a single environment.
>
> So I need to follow both the 4a/b and 5a/b steps here, or any of them?
>
>
> If I set up exactly by using the below steps, then I should be able to
> access both the URLs, right? https://server.lbg.com:8443/towl and
> https://example.lbg.com
>
> If you visit either hostname with /towl, you will be redirected to
> example.lbg.com/ with no port number. example:8443 will still work and
> no redirect will take place... unless you specifically make arrangements
> for that. We can do that later if you really want to.
>
>
> Let's get the other things working, first.
>
> -chris
>
> On Thursday, May 9, 2024, Christopher Schultz <ch...@christopherschultz.net>
> wrote:
>
> Lavanya,
>
>
> On 5/9/24 02:58, lavanya tech wrote:
>
> Just giving the background of this topic again.
>
>
> 1) The application team who is working on this wanted to access the URL
> https://server.lbg.com:8443/towl —> which should redirect or point to
> https://example.lbg.com
>
>
> Is that a typo? You want specifically https://server.lbg.com/towl and
> https://example.lbg.com/ to point to your application?
>
>                    — It's not a typo; the requirements are still the
> same.
>
>
> Okay.
>
> Do server and example both resolve to the same IP?
>
> 2) Hence I added a firewall rule to redirect port 443 to 8443. And the URL
> https://example.lbg.com started working, but it's pointing to
> https://server.lbg.com:8443 indeed and not
> https://server.lbg.com:8443/towl
>
> But then they wanted point 1 to have it, if I understood correctly. So
> basically to achieve this we wanted a reverse proxy setup?
>
>
> I did not define any additional host in the server.xml file; I just left
> it to default to localhost.
>
>
> Here's what you have to do in order to support this odd configuration.
>
> 1. Configure your firewall to route port 443 -> 8443. I suspect this is
> already done.
>
> 2. Deploy Tomcat on server.lbg.com with a <Connector> on port 8443. This
> is the default, so there shouldn't be anything to do. I suspect this is
> already done. You should set proxyPort="443" and proxyName="example.lbg.com"
> in your <Connector>. This will ensure that any URLs generated by Tomcat or
> your application will point to https://example.lbg.com/ and not to
> server.lbg.com or have a port number or whatever.
>
> 3. Re-name your application directory or WAR file from towl -> ROOT (upper
> case is important). So if you have tomcat/webapps/towl re-name that to
> tomcat/webapps/ROOT or if you have tomcat/webapps/towl.war re-name that to
> tomcat/webapps/ROOT.war.
>
> The last thing to do is get /towl to re-direct to /. There are a few ways
> of doing that.
>
> 4a. Configure your application (now called ROOT and deployed on / and not
> /towl anymore) to handle the /towl URL and specifically redirect this back
> to /. This is oddly specific and has the application trying to redirect to
> itself which is weird.
>
> 4b. Create a new application called towl or towl.war which will be
> deployed on /towl and have THAT redirect to /. I think this is cleaner
> because you can call the application anything you'd like and it will still
> work. You don't have to match URL patterns yourself, you just re-name the
> WAR file if you suddenly want to use /towl2 instead of /towl.
>
> There are several ways to redirect.
>
> 5a. Use the rewrite valve and map /(*) to (global redirect) /\1. A few
> notes: (1) the (*) means "capture this string" and \1 means "put the string
> back". This allows you to redirect /towl/foo/bar to /foo/bar instead of
> losing the /foo/bar. This syntax may not be perfect, adapt it to your
> needs. (2) Remember that the towl application is deployed on /towl so you
> don't want to redirect /towl/foo/bar you only want to redirect /foo/bar
> since the URL will be relative to the current context (/towl). Got that?
> Finally, (3) you need to use a global redirect that does *NOT* redirect
> back to the /towl application. Normally, if you redirect to /foo you'll get
> an application-relative redirect from something like a rewrite
> valve/filter/whatever. Take care to redirect relative to the SERVER and not
> to the application.
>
> 5b. Write your own servlet to do a specific redirect.
>
> I hope that helps,
> -chris
>
> On Wednesday, May 8, 2024, Christopher Schultz <ch...@christopherschultz.net>
> wrote:
>
> Lavanya,
>
>
> On 5/8/24 06:48, lavanya tech wrote:
>
> I figured out how I can make it work with 443. Now the URLs are
> working. I added an iptables route from 443 to 8443 and it started working.
>
> nslookup example.lbg.com
>
> Non-authoritative answer:
> Name:    server.lbg.com
> Address:  192.168.200.105
> Aliases:  example.lbg.com
>
>
> I have some application towl running with Apache Tomcat. I have the
> below URLs working.
>
> https://server.lbg.com:8443/towl
> https://server.lbg.com
> https://example.lbg.com
> https://example.lbg.com/towl
>
>
> Now I wanted to disable the URLs https://example.lbg.com/towl and
> https://server.lbg.com and access only the other remaining two.
>
>
> I would *highly* recommend that you pick either /towl or / and not try to
> do both, unless you want to deploy the application twice (which is fine,
> just deploy towl.war and ROOT.war as copies of each other). If you try to
> re-write /towl to / or / to /towl, you'll find you spend the rest of your
> days tracking-down edge-cases and "fixing" them -- likely making things
> confusing and, probably, worse.
>
>
> In the end our goal is to make sure that the links are not always dead as
> soon as towl is moved to a new machine. Can you please assist me with how
> to do that?
>
>
> The goal should be that "moving" the application only means changing DNS
> and everything else works as expected.
>
> If you:
>
> 1. Deploy the application with a single context (e.g. /towl, which I
> recommend)
>
> 2. Re-direct / to /towl (this requires a reverse-proxy or a ROOT
> application that does nothing but redirect ; my personal preference)
>
> 3. Do not define any <Host> other than "localhost" and make it the
> default. Do not bother with any <Alias> elements since they are not
> necessary.
>
> Moving the application should only require that you:
>
> 4. Deploy the same application with the same configuration in the new
> location
>
> 5. Change DNS to point example.lbg.com and server.lbg.com to the new
> location of the service
>
> Hope that helps,
> -chris
>
> On Tue, Apr 30, 2024 at 5:44 PM Christopher Schultz <
> ch...@christopherschultz.net> wrote:
>
> Lavanya,
>
> On 4/30/24 07:10, lavanya tech wrote:
>
> Can you tell me how to do the below? How should I set up Tomcat in
> server.xml?
>
>
> If you want to use port 443 (the default port for HTTPS) then you will
> need to change Tomcat to bind to port 443 (if that's allowed on your OS)
> or arrange to have port 443 routed to port 8443. You may need additional
> configuration in Tomcat (specifically: proxyPort) to avoid having Tomcat
> generate URLs with ":8443" in them.
>
>
> Looking forward to your reply.
>
>
> If Tomcat is listening on port 8443 then you will need to include that
> in your URL, period. If you want to allow URLs without a port number,
> you will have to arrange to have something listening on port 443.
>
>
> On Windows, Tomcat can listen directly on port 443. On UNIX and
> UNIX-like systems, you won't be able to do this without running Tomcat
> as root WHICH YOU ABSOLUTELY SHOULD NOT DO.
>
>
> There are other ways to get port 443 working, but I'll need to know more
> about your environment. The port issue is "easier" than figuring out
> whatever is going on with your DNS, aliases, etc. so I would recommend
> we fix one thing at a time.
>
>
> -chris
>
> On Mon, Apr 29, 2024 at 2:03 PM lavanya tech <lavanyatech...@gmail.com>
> wrote:
>
>
> Hi Chris,
>
> There are no issues with the browser, because I tested with different
> browsers and it all works fine. I am sure that there is no issue with the
> certificate.
>         Because I was able to establish successful connections with port
> 8443, it just does not work without the port
>
>         curl  https://example.lbg.com/towl
> curl: (56) Received HTTP code 504 from proxy after CONNECT
> curl: (56) Received HTTP code 504 from proxy after CONNECT
>
>
> If you want to use port 443 (the default port for HTTPS) then you will
> need to change Tomcat to bind to port 443 (if that's allowed on your OS)
> or arrange to have port 443 routed to port 8443. You may need additional
> configuration in Tomcat (specifically: proxyPort) to avoid having Tomcat
> generate URLs with ":8443" in them.
>
>
> <Connector port="443" protocol="HTTP/1.1"
>                   connectionTimeout="20000"
>                   redirectPort="8443"
>                   maxThreads="150"
>                   scheme="https" secure="true" SSLEnabled="true"
>                   keystoreFile="path_to_your_keystore_file"
>                   keystorePass="your_keystore_password"
>                   keystoreType="PKCS12"
>                   clientAuth="false" sslProtocol="TLS"
>                   proxyPort="443"/>
>
> Should I use a connector port like the above? But you mentioned before
> that we don't need any configuration changes. Please clarify; I am not able
> to figure this out and I have had this issue pending for many days. How do
> I make it work with port 8443 and without the port?
>
> Also I wanted to use the web URL with the alias name permanently instead
> of the hostname. How can I achieve both?
>
>
> Thanks,
> Lavanya
>
>
>
> On Fri, Apr 26, 2024 at 9:28 PM Christopher Schultz <
> ch...@christopherschultz.net> wrote:
>
> Lavanya,
>
> On 4/25/24 07:24, lavanya tech wrote:
>
> Hi Chris,
>
> One question / doubt:
>
> As I mentioned earlier, the below URLs are already working in the browser
>
> https://server.lbg.com:8443/towl
> https://example.lbg.com:8443/towl -> redirect (which means when I hit it in
> the browser) it points to https://server.lbg.com:8443/towl ---> To be
> frank, I do not even need a redirect here, not sure why it redirects.
>
> My question is why it's working even though the SAN is not registered with
> the certificate? It does not even throw a warning in the browser.
>
>
> I'm not sure. Is it possible you have dismissed this error in the past
> and the browser is remembering that? Try this with a different web
> browser or maybe with curl from the command-line to see what happens.
>
>
> Why https://server.lbg.com/towl or https://example.lbg.com/towl --> How
> should it work with the new SAN certificate?
>
>
> You don't need to worry about the port number or application name, only
> the hostname is a part of the SAN.
>
>
> -chris
>
> On Thu, Apr 25, 2024 at 10:16 AM lavanya tech <lavanyatech...@gmail.com>
> wrote:
>
> Hi Chris,
>
>
> Thanks, I will request a new certificate with SANs and I will try to fix
> the things from our end.
>
> Best Regards,
> Lavanya
>
> On Wed, Apr 24, 2024 at 11:12 PM Christopher Schultz <
> ch...@christopherschultz.net> wrote:
>
> Lavanya,
>
> On 4/24/24 15:39, lavanya tech wrote:
>
> Local host means the machine I am logged in to, server.lbg.com
>
> You are right, example.lbg.com is a CNAME record.
>
>
> Okay, thanks for clearing that up.
>
> I don't have any SAN configured for the certificate. The certificate is
> requested for only server.lbg.com
>
>
> You will never be able to make a secure request to anything other than
> server.lbg.com without seeing an error. I highly recommend adding the
> other hostname as a SAN to your certificate if you really want to
> support this.
>
> Even if you wanted https://example.lbg.com/whatever to return an HTTP
> 302 redirect to https://server.lbg.com/whatever, the user would see a
> certificate hostname mismatch error which is ugly. It's best to make it
> work without users seeing ugly things.
>
> So if I just request a new certificate with a SAN it should work? If yes,
> I will request it and follow your steps as suggested below.
>
>
> Yes, it should.
>
> Should I use a CNAME record or DNS? Does it make a difference?
>
>
> CNAME *is* DNS.
>
> Whenever possible, use hostnames and not IP addresses as SANs. It's more
> flexible that way, and users get to see hostnames instead of IP
> addresses.
>
>
> -chris
>
> On Wednesday, April 24, 2024, Christopher Schultz <
> ch...@christopherschultz.net> wrote:
>
> Lavanya,
>
> On 4/24/24 07:37, lavanya tech wrote:
>
> Sorry, I understood wrongly here with regards to my environment. Let me
> start from the beginning. I do not want to use redirect at all. I simply
> wanted to force Apache Tomcat to use both localhost and the DNS name of the
> localhost via URL.
>
>
> When you say "force" what do you mean?
>
> When you say "use both localhost and DNS name" what do you mean?
>
> When you say "localhost" do you mean 127.0.0.1 or "the machine I'm
> logged-into right now"?
>
> I have DNS resolution as below.
>
>
> server.lbg.com --> localhost
>
>
> Is that a CNAME record?
>
> nslookup server.lbg.com (localhost)
>
> Name:    server.lbg.com
> Address:  192.168.100.20
> alias: example.lbg.com
>
>
> That's a weird DNS response. The DNS name "localhost" should *always*
> return 127.0.0.1 for IPv4 and ::1 for IPv6. It shouldn't return
> 191.168.100.20.
>
> We have the below URLs working:
>
> https://server.lbg.com:8443/towl
> https://example.lbg.com:8443/towl --> redirects to
>
>
> What do you mean "redirect"? Does it return a 30x response that causes
> the browser to make a new request to \/
>
> https://server.lbg.com:8443/towl  --> still works --> we have SSL
> configured for the same but this SSL certificate does not have additional
> DNS setup.
>
>
> What SANs are in your certificate? How many certificates do you have?
>
>
> But I would need to somehow access https://example.lbg.com --> which
> means I would need to access via 443 here?
>
>
> I'm so confused. What needs to access what?
>
> I tried adding the below to server.xml, but that does not seem to work.
>
>               <Connector port="80"
> protocol="org.apache.coyote.http11.Http11NioProtocol"
>                      connectionTimeout="20000"
>                      redirectPort="443" />
>
>
> This will only redirect (HTTP 302) requests to http://yourhost/anything
> to https://yourhost/anything *if the application specifically requests
> CONFIDENTIAL transport*. It doesn't just redirect everything by default. If
> you want it to redirect everything, you'll need to set that up e.g. using
> RewriteValve. There are other options, too.
>
> Do I need an additional SSL certificate for https://example.lbg.com to
> make it work?
>
>
> If you don't want your browser to complain, you will need at least one
> TLS certificate that contains every Subject Alternative Name (SAN) for
> every possible hostname you expect to use with this service. You can do
> it with multiple certificates as well, but a single cert with multiple
> SANs is less work.
>
> Do I need to set up an additional web server for this like Apache or
> nginx for redirecting requests?
>
>
> No.
>
> Please stop saying "redirect" because it sounds like you almost never
> mean "HTTP 30x redirect" and that's confusing everything.
>
> I *think* you only need the following:
>
> 1. A TLS certificate with the following SANs:
>
>            * server.lbg.com
>            * example.lbg.com
>            * localhost (you shouldn't do this)
>
> 2. DNS configured for all hostnames:
>
>            * server.lbg.com -> A 192.168.100.20
>            * example.lbg.com -> A 192.168.100.20
>
> 3. Tomcat configured with a single <Host> which is the default virtual
> host. Note that this is the *default Tomcat configuration* and doesn't
> need to be changed from the default.
>
> 4. Tomcat configured with your certificate like this:
>
>             <Connector ...
>                SSLEnabled="true">
>               <SSLHostConfig>
>                 <Certificate
>                     certificateFile="/path/to/your/cert.crt"
>                     certificateKeyFile="/path/to/your/key.pem" />
>                 <!-- You may need certificateKeyPassword in <Certificate> -->
>               </SSLHostConfig>
>             </Connector>
>
> If your SANs are configured properly, this should allow you to connect
> using any of these URLs:
>
> $ curl https://server.lbg.com/towl/login.jsp
>
>            (returns login page)
>
> $ curl https://example.lbg.com/towl/login.jsp
>
>            (returns login page)
>
> If your application's web.xml contains something like this:
>
>            <security-constraint>
>              <web-resource-collection>
>                <web-resource-name>theapp</web-resource-name>
>                <url-pattern>/*</url-pattern>
>              </web-resource-collection>
>              <user-data-constraint>
>                <transport-guarantee>CONFIDENTIAL</transport-guarantee>
>              </user-data-constraint>
>            </security-constraint>
>
> ... then these insecure HTTP URLs should redirect your clients:
>
>
> $ curl http://server.lbg.com/towl/login.jsp
>
>            (returns HTTP 302 redirect to
> https://server.lbg.com/towl/login.jsp)
>
>
> $ curl https://server.lbg.com/towl/login.jsp
>
>            (returns HTTP 302 redirect to
> https://example.lbg.com/towl/login.jsp)
>
>
> I don't think you need any use of the RewriteValve unless you want to
> handle sending HTTP 302 redirect responses to insecure requests without
> specifying the CONFIDENTIAL transport-guarantee in your application's
> web.xml file. But I don't see any reason NOT to have that in there.
>
>
> -chris
>
> On Tue, Apr 23, 2024 at 10:52 PM Christopher Schultz <
> ch...@christopherschultz.net> wrote:
>
> Lavanya,
>
>
> On 4/22/24 05:21, lavanya tech wrote:
>
> Could you please explain what you exactly mean? So here redirect is not
> a solution, right?
>
>
> Redirecting is fine.
>
> Perhaps you should take a step back and decide: what do you actually
> want, here? You might be trying to solve problem X by applying solution
> Y, and you've already decided that solution Y is correct so you are
> trying to get help with that.
>
> Perhaps ask for help with Problem X?
>
> For example, "I don't want users to have to type the name of my
> application to reach it so I want example.com/ to go to my application
> instead of example.com/myapp/".
>
> Or, "I have multiple domains and I want all of them to redirect to the
> canonical domain example.com and to go to my web application /myapp so
> everything goes to example.com/myapp/".
>
> "You'd have to use a glob/regex if you wanted to check for [anything and
> maybe nothing.] example.com."
>
>
> There is nothing in your configuration or question that suggests that
> the hostname in the request is relevant, but you are making it a
> *requirement* that the request contains a specific Host header. IF you
> don't actually need that, why do you have it?
>
> -chris
>
> On Fri, Apr 19, 2024 at 3:03 PM Christopher Schultz <
> ch...@christopherschultz.net> wrote:
>
> Ammu,
>
>
> On 4/19/24 08:32, lavanya tech wrote:
>
> Thank you very much. I removed <Host> for example.com as well as adding
> an <Alias> in server.xml
> I copied the context.xml file
> /git/app/apache-tomcat-10.1.11/webapps/towl/META-INF/context.xml
>
> Removed < in the rewrite.config files.
>
> But still it doesn't redirect the URL.
>
>
> If you have <Context> in server.xml and also your application in the
> webapps/ directory, then you will be double-deploying your application.
>
>
> Re-name /git/app/apache-tomcat-10.1.11/webapps/towl/ to be
> /git/app/apache-tomcat-10.1.11/webapps/ROOT (the capitals are important)
> and remove the <Context> element from your server.xml.
>
> Then start your server and read the logs.
>
> *nslookup alias.example.com gives -->
> Non-authoritative answer:
> Name:     www.example.com
> Address:  192.168.200.10
> Aliases:  alias.example.com*
>
>
> Just to give some information here, *www.example.com* has the alias
> *"alias.example.com"*
> But https://www.example.com:7777/example --> works fine without issues, but
> the alias does not work (https://alias.example.com)
> So I am not sure if the redirect URL helps or if it's correct
>
>
> Your rewrite configuration says that you have to be using host
> "example.com" but your request goes to www.example.com. Your
> configuration should only redirect a request such as:
>
> $ curl -v http://example.com:7777/something
>
> HTTP/1.1 301 Moved Permanently
> ...
> Location: https://www.example.com:7777/example
>
> If you
>

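Option 5b in Chris's list above (a separate `towl` application whose only job is to send /towl/... to the same path on the canonical host) is sketched below as an added example; it is not code from the thread or from Tomcat. It assumes Tomcat 10.1 (the jakarta.servlet namespace shown in the stack trace earlier in the thread), that the real application has been deployed as ROOT.war, and that this one class is packaged on its own as webapps/towl.war with no web.xml, so the annotation is picked up. The package and class names and the TARGET_BASE value are my own choices, with TARGET_BASE taken from the hostname the thread wants to be canonical.

```java
package example.towl;

import java.io.IOException;
import java.util.regex.Pattern;

import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;

/**
 * Redirect-only application for the old /towl context (option 5b above).
 * Deploy as webapps/towl.war next to the real application in ROOT.war.
 * GET/HEAD under /towl/... get a redirect to the same path on TARGET_BASE;
 * other methods fall through to HttpServlet's default (405).
 *
 * Assumed, not taken from the thread: package and class names, TARGET_BASE,
 * and Tomcat 10.1 (jakarta.servlet).
 */
@WebServlet(urlPatterns = "/*")
public class TowlRedirectServlet extends HttpServlet {

    /** Canonical origin: scheme and host only, no port and no path. */
    private static final String TARGET_BASE = "https://example.lbg.com";

    /** Characters we are willing to copy into the Location header (RFC 3986 pchar, '/', '?'). */
    private static final Pattern SAFE = Pattern.compile("[A-Za-z0-9/?._~!$&'()*+,;=:@%-]*");

    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp)
            throws ServletException, IOException {
        String location = targetFor(req.getRequestURI(), req.getContextPath(), req.getQueryString());
        if (location == null) {
            resp.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }
        // 302 while the setup is being tested: browsers cache a 301 aggressively,
        // which makes a wrong rule hard to undo. Switch to SC_MOVED_PERMANENTLY later.
        resp.setStatus(HttpServletResponse.SC_FOUND);
        resp.setHeader("Location", location);
        resp.setHeader("Cache-Control", "no-store");
    }

    /**
     * Builds the absolute Location, or returns null when the input contains
     * characters that must not be echoed into a header. Works on the undecoded
     * request URI so percent-encoding survives, strips only the context path
     * (/towl), and keeps the query string. Because the result is an absolute
     * URL, the redirect is relative to the server and not to the /towl
     * context, which is point (3) of 5a above.
     */
    static String targetFor(String requestUri, String contextPath, String query) {
        String rest = requestUri;
        if (!contextPath.isEmpty() && requestUri.startsWith(contextPath)) {
            rest = requestUri.substring(contextPath.length());
        }
        if (rest.isEmpty()) {
            rest = "/";
        }
        if (!SAFE.matcher(rest).matches() || (query != null && !SAFE.matcher(query).matches())) {
            return null;
        }
        return TARGET_BASE + rest + (query == null ? "" : "?" + query);
    }
}
```

After deploying, `curl -i -k https://server.lbg.com:8443/towl/foo/bar?x=1` should answer with a 302 whose Location header is `https://example.lbg.com/foo/bar?x=1`, and a plain `https://server.lbg.com:8443/towl/` should redirect to `https://example.lbg.com/`. Because the target host and scheme are fixed constants, nothing in the request can turn this into an open redirect; the character check exists only so that a request target Tomcat happened to accept can never put a stray character into the response header.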