I’m writing this down because it too me an age to figure out a way of doing this. I have a website which Tomcat is happily serving. Areas of the site require a secure connection so I’m using Spring security to require particular URLs to be accessed over HTTPS. It means that when I access http://example.org:8080/webapp/login, it’ll bump me to https://example.org:8443/webapp/login. Note: Tomcat is setup with the SSL connector and a self signed .keystore see (http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html).
I have two vhosts setup in Apache, one for the http://example.org and one for https://example.org. They are both using mod_proxy to ProxyPass and ProxyPassReverse requests to the appropriate Tomcat URL’s. The problem comes when switching to HTTPS from HTTP and vice versa. Ideally I wanted some sort of ProxyPassReverse declaration in my config for http://example.org what would change HTTP headers (that Spring sets) for https://example.org:8443/webapp into https://example.org. Except ProxyPassReverse doesn’t work like that.
Now, I realise I could simply not use Spring to manage which parts of the site should be accessed over HTTPS and which should not…and just setup Apache to redirect as appropriate. I don’t want to do that though, because that makes the task of adding these restrictions a deploy time task, rather than a development time task. I don’t want to risk someone forgetting to add new restrictions when deploying the webapp and I’d much rather the developer added these restrictions when they were working on the task and really thinking about where and when they are needed.
So, how do I solve the problem so that the app can manage its secure-ness and I can setup Apache once and forget about it? The answer is to ProxyPassReverse onto a “special” URL, which when accessed will redirect to the HTTPS (or HTTP) site. For example, if the HTTP site needed to redirect to the HTTPS site, I’d add rules like so to perform the redirect:
# Proxy a request (from the server) to switch to https onto a special URL "/2https/"
ProxyPassReverse /2https/ https://example.org:8443/webapp/
# When a client requests a URL prefixed with "/2https" map it onto the secure site
RewriteRule ^/2https/(.*)$ https://example.org/$1 [R,L]
…and you’d add something similar to the secure site Apache config. As long as I don’t mount any pages at /2http or /2https I should be ok. Note a couple of things:
- You’ll need “SSLProxyEngine on” and “RewriteEngine on” and obviously the appropriate Apache modules loaded for these commands.
- Because of the redirect between HTTP <-> HTTPS you won’t be able to POST data between them directly (I’m not sure why you’d NEED to though)
- Obviously you’ll need to setup Apache with an SSL certificate…but that is a different story
I should say a special thanks to this random site – from whence the idea actually came from. If anyone has any better ideas on how to do it I’d love to hear them. Please comment below.
pathdriver – Nice insights, guidance energizes movement and strengthens focus on goals.
conceptsignals – Very practical, signals here help convert concepts into forward movement efficiently.
effortlessflow – Smart approaches reduce unnecessary effort.
momentum builder – Solid guidance, focused direction keeps momentum moving forward.
Discover Clarity – The structure supports the content and keeps it readable.
progressmovespurposefully.bond – Interesting site, the structure makes sense and keeps things straightforward.
stepintoprogress – Nice tips, each step taken adds up to measurable progress.
intenttrack – Encouraging tips, maintaining focus on purpose helps progress stay steady.
advancemomentumhub – Sections are concise, visually appealing, and easy to follow.
focusedmomentumguide – Advice is structured to support smooth progress and clarity.
strategyengine – Properly directed signals maintain steady progress and forward movement.
directionfocus – Great advice, clarity here helps maintain focus while setting direction.
goalbeacon – Maintaining focus ensures stronger results and more productive work.
forwardthinksignals – Excellent guidance, these signals make pushing ideas ahead simpler and clearer.
claritybeacon – Helpful insights here guide projects with clear and steady direction.
innovationpath – Following a clear plan ensures ideas progress smoothly.
focus forward – Solid advice, clear focus supports steady progress.
clarityinmotion – Presentation is neat, and the flow of ideas feels natural.
Нужны грузчики? грузоперевозки услуги грузчиков : переезды доставка мебели и техники погрузка и разгрузка. Подберём транспорт под объём груза обеспечим аккуратную работу и соблюдение сроков. Прозрачные тарифы и удобный заказ.
energizeforwardpath – Clean layout with intuitive navigation supports user understanding.
taskengine – Proper guidance keeps work flowing efficiently and avoids confusion.
growthpathaligned – Inspiring advice, clear alignment ensures smoother progress toward objectives.
poweringgrowth – Insightful tips, the guidance here helps take growth-focused actions confidently.
progressmotionstream – Advice keeps actions organized and efficient for better results.
wisepaths – Great insights, clarity in steps encourages smarter decision-making.
directionactivatesprogress.bond – Clean design and clear message, it actually feels trustworthy to browse.
actandmove – Helpful advice, consistent actions create smooth forward momentum.
claritybeacon – Maintaining focus enhances results and helps achieve objectives effectively.
focusdrivesresults – Useful guidance, keeping attention sharp drives progress steadily.
worldalliancebond – Practical guidance, partnerships appear strong, reliable, and globally connected.
workflowguide – Proper direction in workflow helps avoid wasted effort.
from thought to action – Encouraging insights, ideas are clearly connected to real progress.
actionpilot – Regular action creates energy that drives projects forward effectively.
progressmovesdeliberately.bond – Thoughtful pacing here, content moves steadily without unnecessary distractions present.
progressclarity – Helpful tips, unlocking progress ideas provides clarity on what actions to take next.
forwardsignalcenter – Simple design that allows content to stand out effectively.
signalpath – Great tips, content ensures progress is clear and actionable.
momentumbeacon – Clear signals make it easier to maintain steady progress.
relationshipcircle – Engage with people who bring trust, value, and consistent support.
actionableideasstream – Ideas are clearly presented and encourage taking immediate steps.
forwardflow – Great guidance, following these signals keeps growth on a steady forward track.
focusflowcenter – Tips are straightforward and easy to apply in daily routines.
strategicunity – Unite professionals to share knowledge, grow influence, and achieve goals.
futuredirection – Very useful, content helps plan ahead while staying clear and concise.
actionmovesforwardclean.bond – Good read, I found a couple sections that were genuinely useful.
partnerecosystem – Thoughtful concept, the network feels cohesive and globally aligned.
speedbeacon – Helpful insights, signals create efficient workflow and help maintain consistent momentum.
effortlessforward – Helpful tips, progress occurs smoothly when actions are taken in simple, deliberate steps.
alliancemembersbond – Practical, united efforts make business goals more achievable and transparent.
driveplanner – Clear logic behind forward movement helps prioritize what matters.