the only way to get rid of the port number is to have something listening on :443 (that's the way browsers are, sorry), and then hand requests over to tomcat, so to get what you want something will have to bind to :443 at some point, requiring root privs. What you want is something that will bind to the port as a privileged user and subsequently drop priv's to a limited user. the Apache web server is excellent for this kind of thing.

The easiest way to do this would be with apache sitting in front of tomcat with either mod_jk2 or forwarding requests with mod_rewrite. It doesn't really matter where the port forwarder sits, but usually you want to align with existing IT infrastructure and use an existing internal/internet web server to redirect requests to your app. If your company already has apache then this is a cinch, otherwise you'll have to figure out how to reverse-proxy with the web server du jour...

Is this close to what you're after?

--

* Matthew Kerle
** IT Consultant* **
* Canberra, Australia*

Mobile: +61404 096 863
Email: <mailto:[EMAIL PROTECTED]> Matthew Kerle <mailto:[EMAIL PROTECTED]>
Web:      Matthew Kerle <http://threebrightlights.blogspot.com/>


Stephen Caine wrote:
Is there a way to remove the port number from a https request where the original url looks something like this:

https://host_name:8443/

The approach to change the server.xml file (where the connector port is changed from 8443 to 443) is not practical for us. When this is done, Tomcat requires the root user to run. We consider this a security risk.

We have considered a port forwarder, but we are unclear whether to install this on the Tomcat server or router. In any event, we are not at all sure this is the best approach. Any advice will be appreciated. Our operating system is Mac OS X.

Thanks,

Stephen

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to