1 Reply Latest reply on Jan 25, 2002 2:20 PM by tclouser

    JBoss2.4/Tomcat3.2  SSL auto-redirect

    dward2 Jan 25, 2002 12:56 PM

      I've seen a lot of discussion on redirectPort with Catalina bundled with JBoss2.4 so that when a <user-data-constraint> is specified as CONFIDENTIAL, Catalina will automatically rediret to https:443,
      but...
      what if I'm using Tomcat3 (not Catalina)?
      and in addition...
      what if I have Apache1.3/mod_jk in front of it?
      Will it still work?

      Is it possible? If so, how?

      thanks!

      • 1714 Views
      • Tags:
        • 1. Re: JBoss2.4/Tomcat3.2  SSL auto-redirect
          tclouser
          tclouser Jan 25, 2002 2:20 PM (in response to dward2)

          David,

          I am pretty sure you should be able to get the redirect working for the bundle that includes tomcat 3.2.x by following the instructions for configuring SSL that can be found at http://jakarta.apache.org/tomcat/index.html , you may also want to modify the jboss.properties to include the following:

          java.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol

          The following addresses your second question:

          http://jakarta.apache.org/tomcat/tomcat-3.2-doc/tomcat-ssl-howto.html#s5

          If you are using mod_jk, apache not tomcat will ensure that the connection is over ssl. Keep in mind that the security provided to the connection is outside the scope and control of the servlet container, although user-data-constraints should still be honored (by not allowing you to see the secured web app resource if you attempt to hit it over http.

          HTH,

          TC

            • Actions