If I put two connectors under the same service like this:
<Service name="Public">
<Connector port="80" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Connector
port="443" minSpareThreads="5" maxSpareThreads="75"
enableLookups="true" disableUploadTimeout="true"
acceptCount="100" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="/path/somekeystore" keystorePass="*********"
clientAuth="false" sslProtocol="TLS"/>
<Engine name="Public" defaultHost="mydomain.com">
<Host name="mydomain.com" appBase="httpapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
</Host>
<Host name="hastobehttps.mydomain.com" appBase="httpsapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
</Host>
</Engine>
</Service>
How can I force that users use https(or prevent http) when they access to
hastobehttps.mydomain.com? I know I can make eg. httpsapps/ROOT/index.html
for redirecting user always to https://hastobehttps.mydomain.com/myapp but
then I have to define "myapp" directory in url and still it is possible to
access my application via http(http://hastobehttps.mydomain.com/myapp).
That's why I have defined two different services. (The previous
configuration is working fine, but sometimes I have to restart tomcat twice
to get it running)
--
Jaakko
-----Alkuperäinen viesti-----
Lähettäjä: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com]
Lähetetty: 2. helmikuuta 2009 17:21
Vastaanottaja: Tomcat Users List
Aihe: RE: Tomcat configuration with multiple services
> From: Jaakko Taipale [mailto:jaakko.taip...@dbmanager.fi]
> Subject: Tomcat configuration with multiple services
> There is two services other for http and other for https connections.
> Is this right way to do this
I've never seen anyone try that. Can't imagine what your requirements would
be that result in having multiple <Service> elements in Tomcat. One
normally simply has two <Connector> elements, one for HTTP, one for HTTPS:
http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html
> Also I point users accessing by ip to directory that doesn't exist
> because I want that robots that are scanning ip addresses doesn't get
> anything as response,
Lack of a valid appBase directory will cause a 500 response, not no
response, so that's pretty much a waste of time.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you received
this in error, please contact the sender and delete the e-mail and its
attachments from all computers.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
