RE: IP-based virtual hosting with Tomcat(6)

[Jeffrey Janner]

Well, Chris is almost correct here.  But Connectors are nested as the Service 
level, not at the Engine level. The engine doc he refers you to even specifies 
this at the top of the page.  Here is the way to do it correctly:

<Service name='Service1">
  <Connector address="127.0.0.9" port=80 [options] />
  <Connector address="127.0.0.9" port=443 [options] [ssl options] />
  <Engine name="Catalina" defaultHost="ren">
    <Host name="ren" appBase="renapps" />
  </Engine>
</Service>

<Service name='Service1">
  <Connector address="127.0.0.10" 80 [options] />
  <Connector address="127.0.0.10" port=443 [options] [ssl options] />
  <Engine name="Catalina" defaultHost="ren">
    <Host name="stimpy" appBase="stimpyapps" />
  </Engine>
</Service>

Add a properly configured <security-contraint> tag group to your web.xml and 
you can even have http requests automatically re-routed to https.

Jeff

-----Original Message-----
From: Christopher Schultz [mailto:ch...@christopherschultz.net] 
Sent: Wednesday, July 29, 2009 2:58 PM
To: Tomcat Users List
Subject: Re: IP-based virtual hosting with Tomcat(6)


You can bind <Connector> elements to a specific IP address using the
"address" attribute. You can nest <Connector> elements within an
<Engine> element, like this:

   <Engine name="Catalina" defaultHost="ren">
    <Connector address="127.0.0.9"  [ssl options] />
    <Host name="ren" appBase="renapps"/>
   </Engine>

   <Engine name="Catalina" defaultHost="ren">
    <Connector address="127.0.0.10"  [ssl options] />
    <Host name="stimpy" appBase="stimpyapps"/>
   </Engine>

This should allow you to have different SSL certs for each "site"
(represented by each <Host> element).

See the following references:
http://tomcat.apache.org/tomcat-6.0-doc/config/http.html
http://tomcat.apache.org/tomcat-6.0-doc/config/engine.html

- -chris


*******************************  NOTICE  *********************************
This message is intended for the use of the individual or entity to which 
it is addressed and may contain information that is privileged, 
confidential, and exempt from disclosure under applicable law.  If the 
reader of this message is not the intended recipient or the employee or 
agent responsible for delivering this message to the intended recipient, 
you are hereby notified that any dissemination, distribution, or copying 
of this communication is strictly prohibited.  If you have received this 
communication in error, please notify us immediately by reply or by 
telephone (call us collect at 512-343-9100) and immediately delete this 
message and all its attachments.