I’m writing this down because it too me an age to figure out a way of doing this. I have a website which Tomcat is happily serving. Areas of the site require a secure connection so I’m using Spring security to require particular URLs to be accessed over HTTPS. It means that when I access http://example.org:8080/webapp/login, it’ll bump me to https://example.org:8443/webapp/login. Note: Tomcat is setup with the SSL connector and a self signed .keystore see (http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html).
I have two vhosts setup in Apache, one for the http://example.org and one for https://example.org. They are both using mod_proxy to ProxyPass and ProxyPassReverse requests to the appropriate Tomcat URL’s. The problem comes when switching to HTTPS from HTTP and vice versa. Ideally I wanted some sort of ProxyPassReverse declaration in my config for http://example.org what would change HTTP headers (that Spring sets) for https://example.org:8443/webapp into https://example.org. Except ProxyPassReverse doesn’t work like that.
Now, I realise I could simply not use Spring to manage which parts of the site should be accessed over HTTPS and which should not…and just setup Apache to redirect as appropriate. I don’t want to do that though, because that makes the task of adding these restrictions a deploy time task, rather than a development time task. I don’t want to risk someone forgetting to add new restrictions when deploying the webapp and I’d much rather the developer added these restrictions when they were working on the task and really thinking about where and when they are needed.
So, how do I solve the problem so that the app can manage its secure-ness and I can setup Apache once and forget about it? The answer is to ProxyPassReverse onto a “special” URL, which when accessed will redirect to the HTTPS (or HTTP) site. For example, if the HTTP site needed to redirect to the HTTPS site, I’d add rules like so to perform the redirect:
# Proxy a request (from the server) to switch to https onto a special URL "/2https/"
ProxyPassReverse /2https/ https://example.org:8443/webapp/
# When a client requests a URL prefixed with "/2https" map it onto the secure site
RewriteRule ^/2https/(.*)$ https://example.org/$1 [R,L]
…and you’d add something similar to the secure site Apache config. As long as I don’t mount any pages at /2http or /2https I should be ok. Note a couple of things:
- You’ll need “SSLProxyEngine on” and “RewriteEngine on” and obviously the appropriate Apache modules loaded for these commands.
- Because of the redirect between HTTP <-> HTTPS you won’t be able to POST data between them directly (I’m not sure why you’d NEED to though)
- Obviously you’ll need to setup Apache with an SSL certificate…but that is a different story
I should say a special thanks to this random site – from whence the idea actually came from. If anyone has any better ideas on how to do it I’d love to hear them. Please comment below.
Careers – Structured layout, navigation is straightforward, and job info is clear.
Testimonials – Clean pages, easy navigation, and reading is effortless.
True Harbor Central – Clean visuals and structured content give a professional and trustworthy feel.
browse here – Selection is wide, prices are reasonable, and descriptions make sense
FAQ – Straightforward design, helpful answers, and easy navigation.
Veracity Bond Connect – Clean pages, smooth navigation, and easily digestible content enhance the experience.
Explore Whitestone – Layout is professional, browsing is effortless, and information is easy to follow.
AnchorFlow – Easy-to-follow tips and well-laid-out pages make navigation effortless.
Significant Reel Hub – Layout is tidy, navigation feels intuitive, and content is concise and trustworthy.
visit website – Clean initial impression, minimal layout choices, and content flows smoothly
Contact – Simple interface, intuitive navigation, and content feels approachable.
Community – Neat interface, browsing is intuitive, and information is approachable.
go to site – Fresh ideas presented well, navigation is intuitive, and pages encourage exploration
True Path Access – Layout and menus are easy to understand, making key details simple to find.
Worthline Network – Browsing is simple, structure is intuitive, and content is clear and reliable.
Verifiable Bond Access – Pages load smoothly, content is straightforward, and navigation feels natural.
Testimonials – Clear pages, easy menus, and reading is effortless.
VisionDock – Smooth to navigate, and planning resources are immediately useful.
web access – Menus are clear, structure is straightforward, and details are well presented
official style hub – Cool collections showcased, browsing felt effortless and fun
Visit Veritas Capital – Smooth pages, simple structure, and information is straightforward and clear.
LogicCore – Simple instructions and well-organized layout help complete actions quickly.
Documentation – Clean pages, fast browsing, and content is reliable.
RestoQ Portal – Smooth browsing, clear layout, and content is structured for easy understanding.
content page – Layout remains neat, browsing is comfortable, and text is readable
landing page – Layout feels lively, browsing is smooth, and content is easy to discover
main homepage – Clean professional styling, smooth performance, and reliable content layout
online page – Trendy products featured clearly, site vibe is fresh and stylish
site overview – The interface is clean, menus are intuitive, and information is concise
CAC8899 Central – Smooth user experience, layout is simple, and content is straightforward to read.
page link – A simple approach, executed well, and inspires group learning and interaction
Bonding insights – Clean layout with helpful tips that are easy to follow.
Well-presented collection – Products look carefully selected and arranged.
Chic Emberwild boutique – Browsing is intuitive, and items feel natural and unique.
Stylish product corner – The shop feels accessible, and products are visually appealing.
Golden Maple Boutique Hub – Items are well-presented, and pages are quick to load.
Login – Simple design, quick-loading pages, and instructions are easy to follow.
CoreStead resource – Helpful and concise content that’s simple to understand.
Charming Evening Meadow shop – Navigation is smooth, and products are nicely displayed.
Нужна фотокнига? напечатать фотокнигу печать из ваших фотографий в высоком качестве. Разные форматы и обложки плотная бумага современный дизайн. Поможем с макетом быстрая печать и доставка. Идеально для подарка и семейных архивов
Simple online shopping – The clean design and clear descriptions work well together.
Calm online treasures – The site feels welcoming, and products are easy to navigate and enjoy.
Golden Rift Boutique Hub – Items are well-presented, and pages are quick to load.
Хочешь фотокнигу? сделать фотокнигу на заказ индивидуальный дизайн премиальная печать и аккуратная сборка. Большой выбор размеров и переплётов помощь с версткой. Быстрое производство и доставка
Curated Evening Orchard Hub – Shopping is easy, and product photos are sharp and clear.
CoreWard portal – Smooth browsing and well-structured content.
20Tekzader Base – Interface is tidy, pages load fast, and content is readable and straightforward.
Comfortable online market – The clean layout and quick performance stand out.
Hollow Creek Goods Hub – Layout is simple, products are visible and shopping is straightforward.
Ivory Branch Online Shop – Easy to explore and product selection is thoughtful.