Anurag,
On 10/4/24 15:32, Anurag Sharma wrote:
Tomcat act as a reverse proxy to 3rd party legacy system. We have
recently upgraded Tomcat to use HTTP/2 protocol; this causes the legacy
system not to render and get an error message when rendering. Tomcat
application war acts as a reverse proxy (which means all requests hit
the web app then we have Camel Proxy to proxy to the endpoint).
Browser-->HTT2-->Tomcat Web App (Reverse Proxy) -->HTT1.1 --> 3rd Party UI
Since Tomcat is configured with HTTP protocol, the browser
automatically negotiates the http2 protocol. Is there any way to
configure some path ( /context-path/XXX) would still needs to be
HTTP 1.1.
There is no way to prevent a specific request URI from possibly being
upgraded to h2. What would happen if the browser were to make a
connection, then request /use-h2-please -- which would upgrade the
connection to h2 -- and then request /no-h2-thanks after that over the
already-upgraded connection?
Currently, the only option is for us to open different connector
ports strictly with HTTP 1.1 and have traffic land here. Is there
any better approach for this ?
I don't see the problem with Tomcat serving requests using h2 and your
application proxying to the back-end using HTTP/1.1 or any other
protocol. Tomcat doesn't care one bit what your application does and has
no effect on whether or not it can make HTTP/1.1, h2, SFTP, or CTOCPP.
My guess is that the introduction of h2 isn't the problem, here.
Can you enable some kind of logging to find out what's happening?
-chris
From: Mark Thomas <ma...@apache.org>
Date: Tuesday, October 1, 2024 at 5:38 AM
To: users@tomcat.apache.org <users@tomcat.apache.org>
Subject: Re: Using HTTP 1.1 over a configured HTTP2 Connector
CAUTION: This email originated from outside of the organization. Do not click
links or open attachments unless you recognize the sender and know the content
is safe.
On 01/10/2024 06:15, Anurag Sharma wrote:
Dear Tomcat Team,
I hope this message finds you well.
I am currently facing a challenge regarding the use of HTTP/1.1 for specific
API endpoints within a servlet configured for HTTP/2. My browser defaults to
HTTP/2, which complicates the situation as I need to proxy some APIs to a
server that only supports HTTP/1.1.
Is there a workaround available to enforce HTTP/1.1 for these particular
endpoints?
It isn't clear from the above which component needs to talk to which
using what protocol.
Servlets don't care whether the request is received via HTTP/1.1 or HTTP/2.
Tomcat will happily process requests for the same servlet using HTTP/1.1
or HTTP/2 depending on client support.
Outgoing requests from Tomcat to external services are outside of the
control of Tomcat and are entirely an application concern.
Can you be more precise about what the problem is?
Mark
Here is out server.xml config. All request from our app is http2 protocol.
<Connector port="${tomcat.secure.port}"
protocol="org.apache.coyote.http11.Http11NioProtocol"
relaxedPathChars="[\\]^`{|}" relaxedQueryChars="[\\]^`{|}"
address="${tomcat.address}" minSpareThreads="100" maxThreads="200"
SSLEnabled="true"
scheme="https" secure="true" maxSwallowSize="-1"
maxPostSize="-1">
<UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" readTimeout="50000"
streamReadTimeout ="-1" streamWriteTimeout="-1"
overheadContinuationThreshold="0" overheadDataThreshold="0"
overheadWindowUpdateThreshold="0"/>
<SSLHostConfig protocols="TLSv1.2+TLSv1.3"
ciphers="${tomcat.ciphers}">
<Certificate
certificateKeystoreFile="/var/versa/vnms/data/certs/tomcat_keystore.jks"
certificateKeystorePassword="${keystore.password}"
certificateKeyPassword="${key.password}"
certificateKeystoreType="PKCS12" />
</SSLHostConfig>
</Connector>
Thank you so much for your help.
Thanks and Regards,
Anurag Sharma
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
