I’m writing this down because it too me an age to figure out a way of doing this. I have a website which Tomcat is happily serving. Areas of the site require a secure connection so I’m using Spring security to require particular URLs to be accessed over HTTPS. It means that when I access http://example.org:8080/webapp/login, it’ll bump me to https://example.org:8443/webapp/login. Note: Tomcat is setup with the SSL connector and a self signed .keystore see (http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html).
I have two vhosts setup in Apache, one for the http://example.org and one for https://example.org. They are both using mod_proxy to ProxyPass and ProxyPassReverse requests to the appropriate Tomcat URL’s. The problem comes when switching to HTTPS from HTTP and vice versa. Ideally I wanted some sort of ProxyPassReverse declaration in my config for http://example.org what would change HTTP headers (that Spring sets) for https://example.org:8443/webapp into https://example.org. Except ProxyPassReverse doesn’t work like that.
Now, I realise I could simply not use Spring to manage which parts of the site should be accessed over HTTPS and which should not…and just setup Apache to redirect as appropriate. I don’t want to do that though, because that makes the task of adding these restrictions a deploy time task, rather than a development time task. I don’t want to risk someone forgetting to add new restrictions when deploying the webapp and I’d much rather the developer added these restrictions when they were working on the task and really thinking about where and when they are needed.
So, how do I solve the problem so that the app can manage its secure-ness and I can setup Apache once and forget about it? The answer is to ProxyPassReverse onto a “special” URL, which when accessed will redirect to the HTTPS (or HTTP) site. For example, if the HTTP site needed to redirect to the HTTPS site, I’d add rules like so to perform the redirect:
# Proxy a request (from the server) to switch to https onto a special URL "/2https/"
ProxyPassReverse /2https/ https://example.org:8443/webapp/
# When a client requests a URL prefixed with "/2https" map it onto the secure site
RewriteRule ^/2https/(.*)$ https://example.org/$1 [R,L]
…and you’d add something similar to the secure site Apache config. As long as I don’t mount any pages at /2http or /2https I should be ok. Note a couple of things:
- You’ll need “SSLProxyEngine on” and “RewriteEngine on” and obviously the appropriate Apache modules loaded for these commands.
- Because of the redirect between HTTP <-> HTTPS you won’t be able to POST data between them directly (I’m not sure why you’d NEED to though)
- Obviously you’ll need to setup Apache with an SSL certificate…but that is a different story
I should say a special thanks to this random site – from whence the idea actually came from. If anyone has any better ideas on how to do it I’d love to hear them. Please comment below.
Good afternoon We offer a wide range of services covering all expansions and aspects of the game. WoW arena boost service. Get 1800 2100 or Gladiator rating fast. PvP power leveling. The most complete information on the website – https://www.wow-power-leveling.org/Gameplay/wow-all-expansions-cost wow leveling service gladiator boost wow wow heroic raid boost fast wow boost wow character boost safe power leveling Good luck and good gameplay
Sportwetten De Bonus Ohne Einzahlung geld zurück
Hi I am so grateful I found your blog page, I really found
you by mistake, while I was looking on Google for
something else, Nonetheless I am here now and would just like to
say many thanks for a fantastic post and a all round interesting blog (I
also love the theme/design), I don’t have time to read through it
all at the moment but I have bookmarked it and also added in your RSS feeds, so when I have time I
will be back to read a great deal more, Please do keep up the awesome b.
biathlon wettquoten
Check out my site – lizenz für wettbüro
wettbüro in meiner nähe
Feel free to surf to my page :: basketball-Wetten.com
wettquote bundestagswahl
my web blog; buchmacher us wahl [escapadasfindesemana.eu]
It’s amazing in support of me to have a site, which is beneficial designed for
my experience. thanks admin
Hey! I’m at work browsing your blog from my new iphone 4!
Just wanted to say I love reading your blog and look forward to all your posts!
Carry on the excellent work!
welcher beste e wallet wettanbieter hat den besten bonus
Hello are using WordPress for your site platform?
I’m new to the blog world but I’m trying to get started and create my own. Do you need any coding expertise to make your own blog?
Any help would be really appreciated!
sport wetten tipps heute
Also visit my web site … welche sportwetten seite ist die beste
1win сайт недоступен http://1win68503.help
мелбет ошибка входа мелбет ошибка входа
мостбет официальный сайт регистрация mostbet15384.help
mostbet fingerprint login mostbet fingerprint login
1win uz yuklab olish http://1win59801.help/
1win не открывается что делать 1win не открывается что делать
Sweet blog! I found it while searching on Yahoo News. Do you have any tips on how to get listed
in Yahoo News? I’ve been trying for a while
but I never seem to get there! Thank you
1 вин бонус 1 вин бонус
به شکل خلاصه
برای کسایی که قصد شروع دارن
بازی انفجار آنلاین
تمایل دارن
این وب
احتمالاً میتونه
جزو بهترینها باشه
همچنین
مجموعههایی مثل
enfeϳaronline برتر
و
sibbet فعال
در بین کاربران شناخته شدن
در پایان
قابل توجه بود
و
در آینده
استفاده خواهم کرد
Here is my blog :: مرجع فناوری
Кстати, если вас интересует Последние новости и обзоры кино на Лорд Фильмов, посмотрите сюда.
Смотрите сами:
https://web-freelance.ru
как сменить язык на melbet как сменить язык на melbet
Good morning Choose a legit wow boost provider that values transparency and honesty in every deal. Flexible payment options and secure transactions make the purchasing process smooth and hassle-free. More detailed information on the website – https://www.wow-power-leveling.org/ safe power leveling fast wow boost wow boost service legit wow boost best boosting service wow wow instant boost Good luck and good gameplay
Hi there, its fastidious piece of writing about media
print, we all be aware of media is a impressive source of facts.
melbet live ставки https://melbet94130.help/
mostbet не приходит смс вход mostbet не приходит смс вход
most bet casino https://mostbet94827.help
как войти в 1вин https://www.1win59801.help
лаки джет melbet лаки джет melbet
Hey There. I discovered your blog the usage
of msn. That is an extremely neatly written article.
I will make sure to bookmark it and return to read
more of your helpful information. Thanks for the post. I’ll definitely comeback.
A simple walkthrough for selling bitcoin in india helps avoid unnecessary confusion.
новое зеркало mostbet https://mostbet15384.help/
how to play slots on mostbet https://mostbet94827.help/
1win вывод на uzcard https://1win59801.help/
Can you tell us more about this? I’d care to find out more details.
Helpful information. Fortunate me I found your web site unintentionally, and I am stunned
why this twist of fate didn’t took place earlier!
I bookmarked it.
Для тех, кто ищет информацию по теме “Актуальные новости и события Калужской области”, нашел много полезного.
Вот, делюсь ссылкой:
https://40media.ru
Bu arada soyleyeyim, eger s?k? kesimli uzun kollu erkek ustu konusuyla ilgileniyorsan?z, suraya bir goz at?n. Link burada: https://bedensport.com/articles/siki-kesimli-uzun-kollu-erkek-ustu/
There’s definately a great deal to find out about this topic.
I love all the points you made.
1вин депозит http://1win68503.help
akrilik boya ile cam boyama hakk?ndaki makaleyi tavsiye ederim. Link burada: https://evhobisi.com/articles/akrilik-boya-cam-boyama-uygulamalar-teknikler/
After going over a number of the blog posts on your blog, I truly appreciate your way of blogging.
I added it to my bookmark site list and will be checking back soon. Please visit my website as well and tell me your
opinion.
Excellent gaming site, well done! Gratitude.
1 win online
aviator crash game tips https://aviator67093.help
мелбет сомона барои казино https://melbet39704.help/
Hello Skip the grind and jump straight into the action with our professional leveling team. Experience a fast wow boost that delivers results in hours rather than days for you. More detailed information on the website – https://www.wow-power-leveling.org/cheap-World-of-Warcraft-US-Power-Leveling.html wow gold buy mythic plus carry wow power leveling site wow gold seller wow boost service wow gold for sale Good luck and good gameplay
Nice breakdown. I had the same thought recently and it helped me see it differently.
The part that stood out was how practical it all feels.
Nice reminder that care and patience pay off. Bookmarked for later — thanks for putting
this together.
Доброго Как минимизировать простой оборудования Профилактика оборудования направлена на предотвращение неисправностей и снижение износа. Регулярные проверки помогают поддерживать оборудование в рабочем состоянии. Полная информация по ссылке – https://dagtechservice.ru/about/ книга монтаж промышленного оборудования сервис промышленного оборудования Махачкала договор обслуживание банковского оборудования заказать ремонт оборудования Плановое техническое обслуживание: как избежать дорогостоящих простоев оборудования – Технический сервис договор обслуживания промышленного оборудования Удачи и комфорта в жизни Как снизить влияние простоев на бизнес 0007ef1
I was curious if you ever thought of changing the layout of your blog?
Its very well written; I love what youve got
to say. But maybe you could a little more in the way of content
so people could connect with it better. Youve got an awful lot of text for only having 1 or 2 pictures.
Maybe you could space it out better?
Fortune Dragon stays strong but the race with Fortune Mouse is more balanced this week.