I’m writing this down because it too me an age to figure out a way of doing this. I have a website which Tomcat is happily serving. Areas of the site require a secure connection so I’m using Spring security to require particular URLs to be accessed over HTTPS. It means that when I access http://example.org:8080/webapp/login, it’ll bump me to https://example.org:8443/webapp/login. Note: Tomcat is setup with the SSL connector and a self signed .keystore see (http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html).
I have two vhosts setup in Apache, one for the http://example.org and one for https://example.org. They are both using mod_proxy to ProxyPass and ProxyPassReverse requests to the appropriate Tomcat URL’s. The problem comes when switching to HTTPS from HTTP and vice versa. Ideally I wanted some sort of ProxyPassReverse declaration in my config for http://example.org what would change HTTP headers (that Spring sets) for https://example.org:8443/webapp into https://example.org. Except ProxyPassReverse doesn’t work like that.
Now, I realise I could simply not use Spring to manage which parts of the site should be accessed over HTTPS and which should not…and just setup Apache to redirect as appropriate. I don’t want to do that though, because that makes the task of adding these restrictions a deploy time task, rather than a development time task. I don’t want to risk someone forgetting to add new restrictions when deploying the webapp and I’d much rather the developer added these restrictions when they were working on the task and really thinking about where and when they are needed.
So, how do I solve the problem so that the app can manage its secure-ness and I can setup Apache once and forget about it? The answer is to ProxyPassReverse onto a “special” URL, which when accessed will redirect to the HTTPS (or HTTP) site. For example, if the HTTP site needed to redirect to the HTTPS site, I’d add rules like so to perform the redirect:
# Proxy a request (from the server) to switch to https onto a special URL "/2https/"
ProxyPassReverse /2https/ https://example.org:8443/webapp/
# When a client requests a URL prefixed with "/2https" map it onto the secure site
RewriteRule ^/2https/(.*)$ https://example.org/$1 [R,L]
…and you’d add something similar to the secure site Apache config. As long as I don’t mount any pages at /2http or /2https I should be ok. Note a couple of things:
- You’ll need “SSLProxyEngine on” and “RewriteEngine on” and obviously the appropriate Apache modules loaded for these commands.
- Because of the redirect between HTTP <-> HTTPS you won’t be able to POST data between them directly (I’m not sure why you’d NEED to though)
- Obviously you’ll need to setup Apache with an SSL certificate…but that is a different story
I should say a special thanks to this random site – from whence the idea actually came from. If anyone has any better ideas on how to do it I’d love to hear them. Please comment below.
1win yeni hesab 1win yeni hesab
Fortune Tiger continua quente, mas a disputa está mais aberta.
With havin so much content do you ever run into any issues of plagorism or copyright violation? My website has a lot of exclusive content I’ve
either authored myself or outsourced but it
seems a lot of it is popping it up all over the internet
without my permission. Do you know any solutions to help prevent content
from being ripped off? I’d definitely appreciate it.
1win telefon uchun yuklab olish http://1win49027.help
crash demo melbet https://www.melbet63149.help
What i don’t realize is in reality how you are no longer really a lot more
neatly-preferred than you may be now. You are very intelligent.
You know thus significantly when it comes to
this topic, produced me for my part believe it from a lot of varied
angles. Its like women and men don’t seem to be fascinated except it’s one thing to do with Girl gaga!
Your own stuffs great. Always deal with it up!
mostbet android ilova http://www.mostbet38506.help
мембранная кровля
sportwetten beste app
My site … handicap wetten basketball – https://Basketball-Wetten.com
-
1win xush kelibsiz bonusi https://www.1win49027.help
sportwette strategie
Here is my page wetten dass unfall samuel koch heute (gratis-wetten.com)
Very nice write-up. I absolutely love this website. Keep writing!
cum schimb valuta pe melbet https://melbet63149.help/
Awesome issues here. I am very satisfied to see your article.
Thank you a lot and I am taking a look forward to touch you.
Will you kindly drop me a e-mail?
1win UZ login 1win49027.help
Oh my goodness! Awesome article dude! Many thanks, However I am encountering issues with your RSS.
I don’t understand why I can’t join it. Is there anybody else getting the
same RSS issues? Anyone that knows the solution can you kindly
respond? Thanx!!
در نهایت امر
برای افرادی که قصد دارن
بتینگ
سرگرممیشن
این سایت
میتونه انتخاب مناسبی باشه
گزینه قابل اعتمادی باشه
نکته جالب اینهکه
برندهایی مثل
برند еnfejaronline
و
برند sibbet
تونستن کاربرا جذب کنن
در کل داستان
قابل استفاده بود
و
حتما
دوباره چکشمیکنم
Take a look at my website – یادگیری ماشین
1win chat http://www.1win49027.help
melbet nu se deschide melbet nu se deschide
wett tipps heute net
Here is my web site Sportwetten Strategie Immer Gewinnen
the veteran scene started tagging Fortune Ox sessions by intent: test, real, target.
melbet pentru android descarcare melbet pentru android descarcare
WOW just what I was searching for. Came here by searching for meta_keyword new online casino slot games
mostbet roʻyxatdan oʻtish app http://mostbet38506.help/
sichere wetten
Also visit my website wettquoten (Larue)
Howdy I am so happy I found your webpage I really found you by accident while I was browsing on Askjeeve for something else Regardless I am here now and would just like to say thanks a lot for a fantastic post and a all round entertaining blog I also love the theme/design I don’t have time to go through it all at the minute but I have saved it and also included your RSS feeds so when I have time I will be back to read much more Please do keep up the great b. new online slots casino
spiel wetten
My blog; wettanbieter ohne lugas; Roman,
سلام، بنده اخیرا هنگام گشتن تو اینترنت به این سایت برخوردم و راستش رو بخواید
خیلی خوشم اومد. نوشتههاش بهدردبخور
بود و کمتر همچین منبعی پیدا کنم.
فکر کنم برای افراد مختلف مفید باشه.
اگهدنبال یه سایت خوب هستن بد نیست
سر بزنن. در مجموع خوشم اومد و احتمالا بازدیدش میکنم
به شکل کلی
برای اون دسته که
فعالیتهای شرطی
مشغولن
این سیستم آنلاین
به خوبی میتونه
انتخاب درستی باشه
نکته قابل توجه اینه که
نامهایی مثل
enfeјar online
و
شبکه sibƅet
هم در این حوزه فعال هستن
در پایان کار
مفید بود
و
احتمالاً
دوباره استفاده میکنم
.
Feeⅼ free to visit my weƄ page – مرجع آموزشی
For the reason that the admin of this website is working no hesitation very rapidly it will be famous due to its quality contents. best online casino slots for real money
Tournament leaderboards on Treasures of Aztec are filled with steady-volume players.
Mid-stake bands proved the sweet spot for Mahjong Ways 2 this week.
Особенно понравился раздел про Аналитика и новости валют: ваш гид.
Вот, можете почитать:
https://rubl24.ru
Для тех, кто ищет информацию по теме “Обзор новостей топ-клубов и спорта на Мировой Гранд”, есть отличная статья.
Вот, можете почитать:
https://liverpoolnews.ru
mostbet freespins shartlari http://mostbet38506.help/
Bakı 1win Bakı 1win
wettbüro erfurt
Here is my homepage … die Besten Wettstrategien
Bu arada, eger bebek arabas? parca isimleri konusuyla ilgileniyorsan?z, buray? inceleyin. Suradan okuyabilirsiniz: https://toyshediye.com/articles/bebek-arabasi-parcalari-nereye-satilir/
Explore smart strategies for selling bitcoin in india safely while receiving payments quickly.
Hello there I am so thrilled I found your blog page, I really found you
by accident, while I was browsing on Bing for
something else, Anyhow I am here now and would just
like to say many thanks for a incredible post and a all round exciting
blog (I also love the theme/design), I don’t have time to
go through it all at the minute but I have saved it and also
added your RSS feeds, so when I have time I will be back to read a lot more, Please do keep up the fantastic job.
Hi, of course this piece of writing is actually
pleasant and I have learned lot of things from it regarding blogging.
thanks.
Short disciplined sessions are paying off more than uncontrolled marathons.
Howdy very nice blog!! Man .. Excellent .. Superb .. I’ll bookmark your web site and take the feeds
additionally? I’m glad to seek out numerous helpful information here within the publish,
we need work out more techniques in this regard, thanks for sharing.
. . . . .
Instant bank transfer made same-day entry and exit easier.
“humuslu toprak nedir” konusu icin mukemmel bir kaynak var. Iste link: https://hobiprojesi.com/articles/humus-toprak-nedir-ozellikleri-onemi/
1win aviator necə oynanır http://1win81936.help
Hi there! I could have sworn I’ve been to this website before but after browsing through some of the post I realized it’s
new to me. Anyhow, I’m definitely glad I found it and I’ll be bookmarking and checking back often!
There were short sessions hitting x200+ on Fortune Ox without stretching spins beyond plan.
Low bank transfer value keeps dominating fast entries.
Solo focus on Fortune Dragon works only when the rhythm allows it.
Good morning Save money on your gaming expenses by choosing our affordable gold selling service. Verified boosting service with real customer testimonials. More detailed information on the website – https://www.wow-power-leveling.org/Gameplay/wow-all-expansions-cost wow boost cheap wow power leveling org buy wow gold cheap wow 1-70 boost wow leveling guide fast wow leveling boost Good luck and good gameplay