I’m writing this down because it too me an age to figure out a way of doing this. I have a website which Tomcat is happily serving. Areas of the site require a secure connection so I’m using Spring security to require particular URLs to be accessed over HTTPS. It means that when I access http://example.org:8080/webapp/login, it’ll bump me to https://example.org:8443/webapp/login. Note: Tomcat is setup with the SSL connector and a self signed .keystore see (http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html).
I have two vhosts setup in Apache, one for the http://example.org and one for https://example.org. They are both using mod_proxy to ProxyPass and ProxyPassReverse requests to the appropriate Tomcat URL’s. The problem comes when switching to HTTPS from HTTP and vice versa. Ideally I wanted some sort of ProxyPassReverse declaration in my config for http://example.org what would change HTTP headers (that Spring sets) for https://example.org:8443/webapp into https://example.org. Except ProxyPassReverse doesn’t work like that.
Now, I realise I could simply not use Spring to manage which parts of the site should be accessed over HTTPS and which should not…and just setup Apache to redirect as appropriate. I don’t want to do that though, because that makes the task of adding these restrictions a deploy time task, rather than a development time task. I don’t want to risk someone forgetting to add new restrictions when deploying the webapp and I’d much rather the developer added these restrictions when they were working on the task and really thinking about where and when they are needed.
So, how do I solve the problem so that the app can manage its secure-ness and I can setup Apache once and forget about it? The answer is to ProxyPassReverse onto a “special” URL, which when accessed will redirect to the HTTPS (or HTTP) site. For example, if the HTTP site needed to redirect to the HTTPS site, I’d add rules like so to perform the redirect:
# Proxy a request (from the server) to switch to https onto a special URL "/2https/"
ProxyPassReverse /2https/ https://example.org:8443/webapp/
# When a client requests a URL prefixed with "/2https" map it onto the secure site
RewriteRule ^/2https/(.*)$ https://example.org/$1 [R,L]
…and you’d add something similar to the secure site Apache config. As long as I don’t mount any pages at /2http or /2https I should be ok. Note a couple of things:
- You’ll need “SSLProxyEngine on” and “RewriteEngine on” and obviously the appropriate Apache modules loaded for these commands.
- Because of the redirect between HTTP <-> HTTPS you won’t be able to POST data between them directly (I’m not sure why you’d NEED to though)
- Obviously you’ll need to setup Apache with an SSL certificate…but that is a different story
I should say a special thanks to this random site – from whence the idea actually came from. If anyone has any better ideas on how to do it I’d love to hear them. Please comment below.
sportwetten bonus paysafecard
My web site … wettanbieter paypal deutschland
pferderennen iffezheim wetten
my page – wett tipps basketball nba (Jerrold)
Ayr?ca, eger tursu ne kadar surede olur konusuyla ilgileniyorsan?z, suraya bir goz at?n. Kendiniz gorun: https://evhobileri.com/articles/tursu-yapim-suresi-ve-ipuclari/
Some platforms are highlighting weekly tournaments with ranking for PG Soft slots.
Wow! At last I got a blog from where I know how to in fact obtain helpful data regarding my study and knowledge.
Wild Bandito stays hot in 2026, multipliers showing up early in off-peak hours sessions.
“converse renkleri” konusu icin burada harika bilgiler var. Kendiniz gorun: https://atletikgiyim.com/articles/converse-renkleri-spor-giyimde-tarz/
Thank you for shedding light on the difficulties faced by those facing censorship.
The importance you place on trusted VPN sites is crucial.
I’m happy to use a network security service focused on unblocking web.
Для тех, кто ищет информацию по теме “Последние трансферные новости и секреты успеха”, там просто кладезь информации.
Вот, можете почитать:
https://armyrubin.ru
در مجموع
برای کسانی که میخوان
سیستمهای شرطبندی
سر و کار دارن
این وبسایت
میتونه
انتخاب قابل قبولی باشه
از این جهت هم
برندهای شناختهشدهای مثل
enfejаronline حرفهای
و
شبکه sibbet
شناخته شدن در این حوزه
در پایان
قابل توجه بود
و
در آینده نزدیک
دوباره سراغش میام
my blog post – سایت اخبار فوتبال
Variance literacy is rising fast among the chat regulars.
Fortune Dragon hit-frequency talk has overtaken jackpot-chase talk.
metricmarket – Overall, professional vibe here; trustworthy, polished, and pleasantly minimal throughout.
I used to be able to find good information from your
articles.
1win web login https://1win5527.ru/
growthhive – Pages loaded fast, images appeared sharp, and formatting stayed consistent.
Treasures of Aztec stays hot in 2026, multipliers showing up early in peak hours sessions.
wettbüro köln
my homepage … die besten wettanbieter (Eloise)
mostbet intrare pe site oficial mostbet intrare pe site oficial
mostbet platby v korunách mostbet platby v korunách
campaigncart – Bookmarked this immediately, planning to revisit for updates and inspiration.
It’s awesome to pay a quick visit this web site and reading
the views of all friends concerning this piece of writing, while I am
also keen of getting familiarity.
wie kann ich beim wetten immer gewinnen (Quentin)
strategystore – Color palette felt calming, nothing distracting, just focused, thoughtful design.
speed n cash лайфак http://www.1winkg.in.net
Кстати, если вас интересует Свежие новости Томской области и мира, загляните сюда.
Вот, делюсь ссылкой:
https://media72tumen.ru
Wonderful goods from you, man. I have understand your stuff
previous to and you’re just extremely magnificent. I actually like what
you’ve acquired here, certainly like what you’re stating and the way in which you
say it. You make it enjoyable and you still take care of to keep it sensible.
I can not wait to read far more from you. This is actually a terrific site.
top games on 1win http://1win5527.ru
“tursu ne kadar surede olur” konusu icin mukemmel bir kaynak var. Kendiniz gorun: https://hobielyazma.com/articles/tursu-ne-zaman-olur/
It’s remarkable for me to have a web page, which
is good for my experience. thanks admin
1win ky login 1win5527.ru
leadstore – Appreciate the typography choices; comfortable spacing improved my reading experience.
1win telegram support 1win telegram support
mostbet bilet anulat http://mostbet40596.help/
mostbet česko stažení mostbet česko stažení
1win oyun qaydaları http://1win64218.help/
cum descarc mostbet pe ios http://mostbet40596.help/
mostbet podpora platby mostbet podpora platby
1win приложение скачать на андроид официальный сайт 1winkg.in.net
After looking into a number of the blog posts on your site, I seriously like your technique
of writing a blog. I saved it to my bookmark website list and will be
checking back in the near future. Please visit my web site as well and tell me what
you think.
When I initially commented I clicked the “Notify me when new comments are added” checkbox and now each time a comment is added I get several e-mails with the same comment.
Is there any way you can remove people from that service?
Thanks a lot!
Excellent goods from you, man. I’ve understand your stuff previous to and you’re just extremely great.
I actually like what you have acquired here, certainly like what you are stating and the way in which you say it.
You make it enjoyable and you still care for to keep it sensible.
I can’t wait to read far more from you. This is really a wonderful website.
ставки кыргызстан https://1winkg.in.net
Hello would you mind sharing which blog platform you’re working with?
I’m going to start my own blog in the near future but I’m having a difficult time deciding between BlogEngine/Wordpress/B2evolution and Drupal.
The reason I ask is because your design seems different then most blogs and I’m looking for something unique.
P.S Sorry for getting off-topic but I had to
ask!
1win aviator apk 1win aviator apk
mostbet зеркало Казахстан mostbet зеркало Казахстан
1win блэкҷек https://1win14675.help
1win ios http://1win86307.help/
“modern soz bohcas?” hakk?nda bilgi arayanlar icin cok faydal? bir yaz? buldum. Link burada: https://evhobileri.com/articles/soz-bohcasinin-hazirlanmasi/
Vivi Casino Review