-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 David,
On 12/3/2009 8:42 AM, David Cassidy wrote: > It would be interesting if you are running on non-standard ports (ie > not 80 and 443 ) to see what happens.... I do that, and it works just fine. AJP doesn't use the proxyPort stuff because the HTTP port isn't being changed. All that is necessary if you are using mod_proxy_http because the HTTP port often changes between Apache httpd (listening on port 80 to the outside world) and Tomcat (listening to, say, 8080 only to the internal network). In this case, Tomcat is convinced that the real port number being used is 8080 and would return URLs to the client using :8080 appended to them. Without using proxyName and proxyPort, Tomcat might return bad URLs to the user. The 'secure' attribute is necessary, here, if you are terminating SSL somewhere else but still consider the (non-encrypted) HTTP connection going to Tomcat to be secure. The AJP connector does in fact have proxyName and proxyPort attributes available, but I believe they are either superfluous, or auto-filled by the incoming HTTP request, anyway. In both cases, the default redirectPort is 443. I think if you are using HTTP connectors, your claim is true: to support both "secure" and "non-secure" channels where both channels are actually non-secure HTTP, you'll need two <Connectors>: one with secure=true and one with secure=false (or unspecified, and it defaults to false). - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAksXzfYACgkQ9CaO5/Lv0PAGYwCgkwzr/s+M50PG1qnXDECwcZdq HK8An0chpHBpxTMpi5awXScqpAtR5OHk =GWlN -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
