________________________________ From: Rainer Jung <rainer.j...@kippdata.de> To: Tomcat Users List <users@tomcat.apache.org> Sent: Tuesday, October 14, 2008 9:46:56 AM Subject: Re: SSL Accelerator - Front ending Tomcat Mike Koponick schrieb: > Hello Everyone, > > I have not been a frequent administrator of Tomcat, but it seems that > I am becoming one! > > So, Here is my setup, I using an SSL accelerator in front of a Tomcat > server running two instances. When I try to access the website, the > webserver (rightfully so) redirects me to another page on the same > machine for the same instance. Thusly, I do not have the "https" URL > any longer, but have "http" instead, of course this kills the > connection. > > So, I was wondering if anyone has had any experience setting up this > type of environment. It seems to me that Tomcat doesn't know that > this is a secure connection. > > Any information is good information. So look at http://tomcat.apache.org/tomcat-6.0-doc/config/http.html especially proxyName, proxyPort, scheme and secure. Regards, Rainer ------------------------------------------ Anyone have success doing this? I am having lots of problems getting this to work, and in choosing the config directives to use to get it to work. For example, I set secure="true" and scheme="https" in the Connector block of my server.xml. In testing, However, when I call request.isSecure()it returns "false". When I call request.getScheme() it returns "http". I tested this with a simple page on my local instance of Tomcat--I accessed that page via http://localhost:8080. Shouldn't the secure and scheme directives override whatever connection the browser initiated and return the configured value? Am I missing something? Do I need to define the proxyName and proxyPort config directives? I tried that, and it didnt' seem to have an effect. I have the exact scenario (SSL accelerator in front of Tomcat) described above and am having problems forcing my apps to generate https URLs instead of http. (BTW: I'm running Tomcat 6.0.16 on Windows 2003) Thanks, Brian
