I’m writing this down because it too me an age to figure out a way of doing this. I have a website which Tomcat is happily serving. Areas of the site require a secure connection so I’m using Spring security to require particular URLs to be accessed over HTTPS. It means that when I access http://example.org:8080/webapp/login, it’ll bump me to https://example.org:8443/webapp/login. Note: Tomcat is setup with the SSL connector and a self signed .keystore see (http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html).
I have two vhosts setup in Apache, one for the http://example.org and one for https://example.org. They are both using mod_proxy to ProxyPass and ProxyPassReverse requests to the appropriate Tomcat URL’s. The problem comes when switching to HTTPS from HTTP and vice versa. Ideally I wanted some sort of ProxyPassReverse declaration in my config for http://example.org what would change HTTP headers (that Spring sets) for https://example.org:8443/webapp into https://example.org. Except ProxyPassReverse doesn’t work like that.
Now, I realise I could simply not use Spring to manage which parts of the site should be accessed over HTTPS and which should not…and just setup Apache to redirect as appropriate. I don’t want to do that though, because that makes the task of adding these restrictions a deploy time task, rather than a development time task. I don’t want to risk someone forgetting to add new restrictions when deploying the webapp and I’d much rather the developer added these restrictions when they were working on the task and really thinking about where and when they are needed.
So, how do I solve the problem so that the app can manage its secure-ness and I can setup Apache once and forget about it? The answer is to ProxyPassReverse onto a “special” URL, which when accessed will redirect to the HTTPS (or HTTP) site. For example, if the HTTP site needed to redirect to the HTTPS site, I’d add rules like so to perform the redirect:
# Proxy a request (from the server) to switch to https onto a special URL "/2https/"
ProxyPassReverse /2https/ https://example.org:8443/webapp/
# When a client requests a URL prefixed with "/2https" map it onto the secure site
RewriteRule ^/2https/(.*)$ https://example.org/$1 [R,L]
…and you’d add something similar to the secure site Apache config. As long as I don’t mount any pages at /2http or /2https I should be ok. Note a couple of things:
- You’ll need “SSLProxyEngine on” and “RewriteEngine on” and obviously the appropriate Apache modules loaded for these commands.
- Because of the redirect between HTTP <-> HTTPS you won’t be able to POST data between them directly (I’m not sure why you’d NEED to though)
- Obviously you’ll need to setup Apache with an SSL certificate…but that is a different story
I should say a special thanks to this random site – from whence the idea actually came from. If anyone has any better ideas on how to do it I’d love to hear them. Please comment below.
melbet kz вход без vpn http://melbet15709.help/
best online betting for horse racing
my web page; Fast Greyhound Results Please
melbet официальный сайт регистрация https://www.melbet15709.help
online casino that allow 18 year olds [Ola]
free bet no deposit uk, united states online casino real money and good morning united states
time slot, or casino online united kingdom free
мелбет вывод odengi кыргызстан мелбет вывод odengi кыргызстан
Вроде доступно объясняют базу по соцсетям: https://foto-videomontaz.ru/smm-prodvizhenie-v-soczialnyh-setyah-princzipy-instrumenty-i-pokazateli-effektivnosti/
gry crash mostbet gry crash mostbet
По теме “Онлайн тест: Мифы и факты о мозге”, есть отличная статья.
Вот, можете почитать:
https://terehov-event.ru/news/onlajn-test-pro-mozg-pravda-ili-lozh-s-obyasneniyami-dlya-kriticheskogo-myshleniya/
доставка цветов дешево москва доставка цветов дешево москва .
crash oyini mostbet mostbet47183.help
pin-up bonusni yechib olish shartlari pin-up bonusni yechib olish shartlari
мелбет официальный сайт приложение https://melbet64019.help/
The other day, while I was at work, my sister stole my iphone and
tested to see if it can survive a twenty five foot drop, just
so she can be a youtube sensation. My apple ipad is now destroyed and she
has 83 views. I know this is entirely off topic but I had to share it with someone!
mostbet rasmiy saytga kirish http://www.mostbet47183.help
pin-up tikish kuponi http://pinup08694.help/
mostbet jak wypłacić bonus https://mostbet2004.help
mostbet roʻyxatdan oʻtish bepul https://www.mostbet47183.help
pinup kundalik bonus http://www.pinup08694.help
Mahjong Ways 2: quem prefere cascade pays?
Thanks for the good writeup. It in fact was a leisure account it. Glance complicated to more delivered agreeable from you By the way how could we be in contact? https://teletype.in/avtobloggerua/D36QcnKeQ2k
Thank you for the auspicious writeup. It in fact was a amusement account it.
Look advanced to more added agreeable from you! However, how could we communicate?
1win privacidad http://www.1win05634.help
шумоизоляция автомобиля https://shumoizolyaciya-avtomobilya-1.ru
мелбет официальный сайт Казахстан https://melbet15709.help
Having read this I believed it was rather informative.
I appreciate you finding the time and energy
to put this content together. I once again find myself
personally spending way too much time both reading and leaving comments.
But so what, it was still worth it!
1win retiro Scotiabank http://www.1win05634.help
самая дешевая доставка цветов москва самая дешевая доставка цветов москва .
1win marcador en vivo 1win marcador en vivo
1win android download 1win android download
mostbet Angren http://mostbet47183.help
Hello!
Want to know what real users think?
Take a look at Miki — a great option with sports betting included: fsh-online.com
Wager-free cashback. 4.1-star rated on Trustpilot.
What do you think?
мелбет трансляции футбол мелбет трансляции футбол
melbet kassa24 пополнение http://melbet15709.help/
Кстати, если вас интересует Как выбрать доставку из кошерных ресторанов в Москве, посмотрите сюда.
Вот, делюсь ссылкой:
https://univer9.ru/%d0%b1%d0%b5%d0%b7-%d1%80%d1%83%d0%b1%d1%80%d0%b8%d0%ba%d0%b8/koshernye-restorany-v-moskve-kak-proverit-sertifikat-i-vybrat-dostavku-edy/
mostbet ozini cheklash mostbet47183.help
ремонт мембранной кровли
pin up registratsiya muammo pinup08694.help
bet on the grand national
Feel free to visit my page :: https://grayhound-betting.com/
mostbetga kirish mostbet47183.help
1win apuestas en vivo Perú https://1win05634.help/
1win sms not received 1win5529.ru
pin up aviator juego https://pinup62718.help
мостбет сколько идет вывод https://www.mostbet80295.help
Доброго Анонимное лечение алкоголизма гарантирует защиту персональных данных и отсутствие учета в государственных диспансерах. Центр психологической помощи в Москве MyPsyHealth понимает важность конфиденциальности для сохранения репутации. Вы можете проходить все этапы лечения под вымышленным именем или без огласки. Мы не передаем информацию работодателям или родственникам без вашего согласия. Сохраните свою тайну и получите качественную помощь в условиях полной анонимности. Полная информация по ссылке – https://mypsyhealth.ru/D0BDD0B0D180D0BAD0BED0BBD0BED0B3D0B8D18F/2020/10/05/ferrum-and-alchogolizm тяга к наркотикам помощь кодирование от наркомании варениклин от курения рецепт лудомания терапия генерализованное тревожное расстройство ГТР любовная зависимость психотерапия Всего наилучшего и успехов в лечении и здоровье
melbet как отыграть бонус melbet как отыграть бонус
pin up Uzcard depozit https://www.pinup08694.help
1win app Perú android 1win app Perú android
1win promo field https://1win5529.ru
pin-up código promocional pin-up código promocional
мостбет скачать приложение на android мостбет скачать приложение на android