I’m writing this down because it too me an age to figure out a way of doing this. I have a website which Tomcat is happily serving. Areas of the site require a secure connection so I’m using Spring security to require particular URLs to be accessed over HTTPS. It means that when I access http://example.org:8080/webapp/login, it’ll bump me to https://example.org:8443/webapp/login. Note: Tomcat is setup with the SSL connector and a self signed .keystore see (http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html).
I have two vhosts setup in Apache, one for the http://example.org and one for https://example.org. They are both using mod_proxy to ProxyPass and ProxyPassReverse requests to the appropriate Tomcat URL’s. The problem comes when switching to HTTPS from HTTP and vice versa. Ideally I wanted some sort of ProxyPassReverse declaration in my config for http://example.org what would change HTTP headers (that Spring sets) for https://example.org:8443/webapp into https://example.org. Except ProxyPassReverse doesn’t work like that.
Now, I realise I could simply not use Spring to manage which parts of the site should be accessed over HTTPS and which should not…and just setup Apache to redirect as appropriate. I don’t want to do that though, because that makes the task of adding these restrictions a deploy time task, rather than a development time task. I don’t want to risk someone forgetting to add new restrictions when deploying the webapp and I’d much rather the developer added these restrictions when they were working on the task and really thinking about where and when they are needed.
So, how do I solve the problem so that the app can manage its secure-ness and I can setup Apache once and forget about it? The answer is to ProxyPassReverse onto a “special” URL, which when accessed will redirect to the HTTPS (or HTTP) site. For example, if the HTTP site needed to redirect to the HTTPS site, I’d add rules like so to perform the redirect:
# Proxy a request (from the server) to switch to https onto a special URL "/2https/"
ProxyPassReverse /2https/ https://example.org:8443/webapp/
# When a client requests a URL prefixed with "/2https" map it onto the secure site
RewriteRule ^/2https/(.*)$ https://example.org/$1 [R,L]
…and you’d add something similar to the secure site Apache config. As long as I don’t mount any pages at /2http or /2https I should be ok. Note a couple of things:
- You’ll need “SSLProxyEngine on” and “RewriteEngine on” and obviously the appropriate Apache modules loaded for these commands.
- Because of the redirect between HTTP <-> HTTPS you won’t be able to POST data between them directly (I’m not sure why you’d NEED to though)
- Obviously you’ll need to setup Apache with an SSL certificate…but that is a different story
I should say a special thanks to this random site – from whence the idea actually came from. If anyone has any better ideas on how to do it I’d love to hear them. Please comment below.
Terms – Legal content is clear, and navigation between pages feels effortless.
Honest Space – Organized layout with fast-loading elements, content is easy to skim.
Bond reference – Easy to navigate and everything responds quickly.
CoreStead network – Informative content and naturally written guidance throughout.
Blog – Informative articles, tidy layout, and smooth reading experience.
Bonded Tracker – Sections are concise and logically arranged for quick comprehension.
Ironclad Connect – Navigation feels natural, pages load quickly, and content is concise.
LB Central – Well-laid-out pages, smooth scrolling, and information is concise.
Dependable Capital site – Fast navigation with readable and concise information throughout.
Bonding Hub – Clear explanations and easy browsing experience.
News – Easy-to-follow layout, professional design, and content is quick to read.
Services – Service details are easy to locate, and browsing between sections is simple.
OB Central – Browsing is effortless, layout is organized, and content is simple to digest.
Capital Gateway – Clear structure, responsive pages, and all sections are easy to navigate.
Bond overview – Good source of info, written in a clear way.
Events – Organized layout, easy navigation, and information is simple to find.
CoreWard learning – Simple interface with practical and reliable information.
Events – Interface is clear, browsing is easy, and details are approachable.
Bond Central – Clean layout, fast-loading pages, and information is clear and concise.
Ищешь музыку? слушать и скачать музыку популярные треки новые релизы плейлисты по жанрам и настроению. Удобный плеер поиск по исполнителям и альбомам стабильное качество звука. Включайте музыку в любое время.
Harbor Online – Well-structured pages, quick navigation, and content is easy to digest.
DirectUnity site – Organized layout with clear and helpful material throughout.
Optimum Space – Menus are intuitive, browsing is seamless, and content is easy to follow.
Home – The homepage loads quickly, and finding information is simple.
Contact – Simple interface, navigation flows easily, and content feels approachable.
Anchor Central Hub – Quick-loading pages, clean design, and navigating information is effortless.
Shop – Fast-loading pages, clear structure, and intuitive browsing.
Bond overview – Well-designed pages that are easy to navigate.
Tutorials – Step-by-step instructions, clear pages, and fast loading.
CornerPeak platform – Easy navigation, organized layout, and a polished look.
Bond Hub Online – Navigation flows smoothly, interface feels polished, and content is readable.
Summit Link – Neat pages, easy navigation, and information is well-presented and accessible.
The Orbit Link – Pages load fast, headings are clear, and information is easy to scan.
Products – Pages load quickly, navigation works well, and content feels reliable.
FAQ – Answers are concise, and sections are logically arranged.
Bonding guide – Organized pages with practical, concise content for readers.
The HS Link – Polished appearance, fast-loading pages, and information is easy to read.
Events – Organized layout, easy navigation, and details are simple to locate.
Testimonials – Clean structure, effortless browsing, and reading is simple.
The Keystone Hub – Pages render quickly, layout is tidy, and content is simple to follow.
Bond insights – Clear explanations that made things click quickly.
Trusted Horizon Central – Clear layout and simple menus help users access content quickly.
Bond overview – Structured and accessible, pages are easy to understand and navigate.
Vertex Bond Resource – Pages load fast, content is clear, and navigation is straightforward.
Community – Easy to browse, content is structured, and layout is tidy.
Mariner Space – Clear menus, well-structured pages, and content is easy to follow.
Summit Hub – Smooth browsing experience and the layout is easy to understand.
PL Spot – Smooth browsing, clean structure, and content is easy to understand.
Services – Layout is simple, and browsing between sections is easy.
Impact Spot – Sleek interface with smooth transitions, information is concise and readable.