I’m writing this down because it too me an age to figure out a way of doing this. I have a website which Tomcat is happily serving. Areas of the site require a secure connection so I’m using Spring security to require particular URLs to be accessed over HTTPS. It means that when I access http://example.org:8080/webapp/login, it’ll bump me to https://example.org:8443/webapp/login. Note: Tomcat is setup with the SSL connector and a self signed .keystore see (http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html).
I have two vhosts setup in Apache, one for the http://example.org and one for https://example.org. They are both using mod_proxy to ProxyPass and ProxyPassReverse requests to the appropriate Tomcat URL’s. The problem comes when switching to HTTPS from HTTP and vice versa. Ideally I wanted some sort of ProxyPassReverse declaration in my config for http://example.org what would change HTTP headers (that Spring sets) for https://example.org:8443/webapp into https://example.org. Except ProxyPassReverse doesn’t work like that.
Now, I realise I could simply not use Spring to manage which parts of the site should be accessed over HTTPS and which should not…and just setup Apache to redirect as appropriate. I don’t want to do that though, because that makes the task of adding these restrictions a deploy time task, rather than a development time task. I don’t want to risk someone forgetting to add new restrictions when deploying the webapp and I’d much rather the developer added these restrictions when they were working on the task and really thinking about where and when they are needed.
So, how do I solve the problem so that the app can manage its secure-ness and I can setup Apache once and forget about it? The answer is to ProxyPassReverse onto a “special” URL, which when accessed will redirect to the HTTPS (or HTTP) site. For example, if the HTTP site needed to redirect to the HTTPS site, I’d add rules like so to perform the redirect:
# Proxy a request (from the server) to switch to https onto a special URL "/2https/"
ProxyPassReverse /2https/ https://example.org:8443/webapp/
# When a client requests a URL prefixed with "/2https" map it onto the secure site
RewriteRule ^/2https/(.*)$ https://example.org/$1 [R,L]
…and you’d add something similar to the secure site Apache config. As long as I don’t mount any pages at /2http or /2https I should be ok. Note a couple of things:
- You’ll need “SSLProxyEngine on” and “RewriteEngine on” and obviously the appropriate Apache modules loaded for these commands.
- Because of the redirect between HTTP <-> HTTPS you won’t be able to POST data between them directly (I’m not sure why you’d NEED to though)
- Obviously you’ll need to setup Apache with an SSL certificate…but that is a different story
I should say a special thanks to this random site – from whence the idea actually came from. If anyone has any better ideas on how to do it I’d love to hear them. Please comment below.
future roadmap portal – Step-by-step guidance makes planning ahead simple and clear.
Platform overview – Organized layout, intuitive menus, and understanding services is effortless.
zexaro trustline resource – Logical structure and intuitive menus make accessing information easy.
yaverobonding.bond – Nice experience overall, pages are organized and fairly user friendly.
FAQ – Questions and answers are clearly presented for quick reference.
online access – Quick access to information, pages load fast, very user-friendly
trusted finance site – Well-structured content helps users find information quickly.
talix web – Minimal distractions, smooth browsing, and information is easy to locate
Trust company homepage – The presentation is professional, with clear info and seamless browsing.
vixarocore.bond – Fast-loading pages, clean layout, and information is straightforward.
Trust web portal – Navigation feels natural, making it a useful starting point for learning.
Official Naviro portal – Well-laid-out interface, smooth navigation, and details are clear and helpful.
Home – Clean layout, easy navigation, and content is clearly organized for visitors.
professional trust site – Navigation flows nicely, and everything is neatly arranged.
bond-focused platform – Easy-to-read sections make browsing feel natural and relaxed.
Blog – Fast navigation, professional layout, and content provides value for readers.
Bond overview hub – Clean pages, organized interface, and the site gives a positive impression.
TrustedEnterpriseHub – Clear and practical content, frameworks are presented in an organized manner.
zorivocapital.bond – Looks solid, user friendly, provides useful details without any confusion online.
Resources – Files and links are structured logically for convenient browsing.
this capital website – Seems insightful and might be useful on a future visit.
xenrix.click – Clean layout, pages load quickly and information is clear
Resource portal – Clean structure, simple navigation, and content is straightforward to understand.
Bond information page – Clearly structured layout, effective navigation, and relevant details.
bond services page – Clean structure, concise information, and smooth scrolling.
Tutorials – Step-by-step guides are structured neatly, and content is easy to understand.
塔尔萨之王第二季高清完整版,海外华人可免费观看最新热播剧集。
official bond site – Navigation feels smooth, and the content is straightforward to follow.
Partners – Fast loading, professional design, and content feels reliable for visitors.
investment website – Content is straightforward and doesn’t overwhelm while browsing.
loryx link – Information is clear, layout is neat, and the site encourages curiosity
Company homepage – Clear layout, smooth menus, and finding relevant information is effortless.
TrustConnectHub – Organized and informative, networking globally is efficient and simple.
About Us – Pages are structured logically, providing useful information in a clean layout.
yavero holdings platform – Information is presented clearly, making it easy to comprehend offerings.
Korva Website – Found this by accident, the layout is modern and pleasant to look at
Financial platform – Simple to explore, trustworthy in appearance, and content is useful.
financial resource page – Content is readable, and pages react quickly without issues.
Downloads – Files are well-organized and pages are easy to explore.
<secure bond hub – Clean visuals, readable sections, and pages load without lag.
financial portal – Simple design makes everything intuitive and easy to understand.
Downloads – Intuitive interface, fast-loading pages, and information is well presented for visitors.
Official portal – Clear design, intuitive navigation, and content is easy to read.
webdesignstudio.click – Mobile version looks perfect; no glitches, fast scrolling, crisp text.
Primary platform link – Clean design and logical flow make navigating the content effortless.
funnelpilot.click – Color palette felt calming, nothing distracting, just focused, thoughtful design.
Main platform link – The concept seems well thought out, and the site explains things without confusion.
roiengine.click – Mobile version looks perfect; no glitches, fast scrolling, crisp text.
Mivaro official page – Minimalist interface, pages load quickly, and content is organized for users.
online trust homepage – Pages load smoothly and the overall flow feels reliable.