Re: Removing the port identifier

Tue, 14 Aug 2007 21:12:43 -0700
the only way to get rid of the port number is to have something listening on :443 (that's the way browsers are, sorry), and then hand requests over to tomcat, so to get what you want something will have to bind to :443 at some point, requiring root privs. What you want is something that will bind to the port as a privileged user and subsequently drop priv's to a limited user. the Apache web server is excellent for this kind of thing. 


The easiest way to do this would be with apache sitting in front of 
tomcat with either mod_jk2 or forwarding requests with mod_rewrite. It 
doesn't really matter where the port forwarder sits, but usually you 
want to align with existing IT infrastructure and use an existing 
internal/internet web server to redirect requests to your app. If your 
company already has apache then this is a cinch, otherwise you'll have 
to figure out how to reverse-proxy with the web server du jour...


Is this close to what you're after?

--

* Matthew Kerle
** IT Consultant* **
* Canberra, Australia*

Mobile: +61404 096 863

Email:     <mailto:[EMAIL PROTECTED]> Matthew Kerle 
<mailto:[EMAIL PROTECTED]>

Web:      Matthew Kerle <http://threebrightlights.blogspot.com/>


Stephen Caine wrote:

Is there a way to remove the port number from a https request where 
the original url looks something like this:


https://host_name:8443/


The approach to change the server.xml file (where the connector port 
is changed from 8443 to 443) is not practical for us.  When this is 
done, Tomcat requires the root user to run.  We consider this a 
security risk.



We have considered a port forwarder, but we are unclear whether to 
install this on the Tomcat server or router.  In any event, we are not 
at all sure this is the best approach.  Any advice will be 
appreciated.  Our operating system is Mac OS X.


Thanks,

Stephen

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]























					Reply via email to