On Tue, May 14, 2024 at 11:38 PM Christopher Schultz
<ch...@christopherschultz.net <mailto:ch...@christopherschultz.net>> wrote:
Lavanya,
On 5/14/24 15:11, lavanya tech wrote:
> You are right. We need aliasing here which means the URL in the
browser
> does not change.
> May I know where should I put the below rewrite files ?
>
> # Redirect everything that is not server.lbg.com
<http://server.lbg.com> to
> # server.lbg.com <http://server.lbg.com>. Don't worry about /towl
yet.
> RewriteCond %{HTTP_HOST} !^server\.lbg\.com$
> RewriteRule ^/(.*) https://server.lbg.com:8443/$1
<https://server.lbg.com:8443/$1> [R=301,L]
>
> # Redirect anything that isn't already going to /towl
> # to go to /towl
> RewriteCond %{REQUEST_URI} !^/towl
> RewriteRule ^/(.*) https://server.lbg.com:8443/towl/$1
<https://server.lbg.com:8443/towl/$1> [R=301,L]
AIUI, you can put all of the above in conf/rewrite.config and configure
the <Valve> under your <Host> just as you had it before.
If you want aliasing and not redirection, then you don't want the [R]
flag. IMO, you should really do a redirect. If you don't, then the
application and the browser disagree about the base URL and all
kinds of
things like that.
-chris
> On Tuesday, May 14, 2024, Christopher Schultz
<ch...@christopherschultz.net <mailto:ch...@christopherschultz.net>>
> wrote:
>
>> Lavanya,
>>
>> On 5/14/24 09:12, lavanya tech wrote:
>>
>>> IMHO removing the port number is always the preferred solution
— I never
>>>> did it
>>>>
>>>>
>>>>> can we achieve this with tomcat or we need to setup an
reverse proxy
>>>>> here.
>>>>>
>>>>>
>>>> Your application uses whatever internal URLs it wants. Are you
building
>>>> those yourself, or are you asking Tomcat for the e.g.
hostname, etc.? If
>>>> it's Tomcat, this is where the proxyName and proxyPort come in.
>>>>
>>>
>>> - Yes, I have not built these UrLs before. It’s was working
from the
>>> very
>>> beginning. As. I mentioned we are not able to reach goal or
whatever.
>>>
>>> Rather than saying redirection, I would say it’s aliasing.
>>>
>>
>> Please be specific. "Aliasing" (to me) means "the URL does to
the right
>> place but doesn't change in the browser's URL" and "redirection" (to
>> everybody) means "HTTP 301 or 302 response to a new URL".
>>
>> Instead of moving applications or changing tomcat configuration
it’s easier
>>> to achieve with reverse proxy ?
>>>
>>> https://example.lbg.com/ <https://example.lbg.com/> to
https://server.lbg.com:8443/towl <https://server.lbg.com:8443/towl>
>>>
>>
>> This will be a nightmare. Do not try to rewrite URLs using a reverse
>> proxy. You should redirect users to the right place if
necessary. You can
>> use a reverse-proxy if you want, but it won't be any less
complicated than
>> having Tomcat do it.
>>
>> I think your rewrite.config file just needs a few tweaks:
>>
>> # Redirect everything that is not server.lbg.com
<http://server.lbg.com> to
>> # server.lbg.com <http://server.lbg.com>. Don't worry about
/towl yet.
>> RewriteCond %{HTTP_HOST} !^server\.lbg\.com$
>> RewriteRule ^/(.*) https://server.lbg.com:8443/$1
<https://server.lbg.com:8443/$1> [R=301,L]
>>
>> # Redirect anything that isn't already going to /towl
>> # to go to /towl
>> RewriteCond %{REQUEST_URI} !^/towl
>> RewriteRule ^/(.*) https://server.lbg.com:8443/towl/$1
<https://server.lbg.com:8443/towl/$1> [R=301,L]
>>
>> The application should be deployed as towl.war (or towl/
directory). You
>> should listen on ports 80, 443, and 8443, and you should always
end up at
>> the right place. You should have proxyPort="8443" and proxyName="
>> server.lbg.com <http://server.lbg.com>" in your <Connector>.
>>
>> You will not need a ROOT context, since the rewrite will take
care of that
>> for you.
>>
>> -chris
>>
>> On Mon, May 13, 2024 at 10:17 PM lavanya tech
<lavanyatech...@gmail.com <mailto:lavanyatech...@gmail.com>>
>>>> wrote:
>>>>
>>>> Hi Chris,
>>>>
>>>> Sorry, If I did confuse. It’s important that
>>>> https://server.lbg.com:8443/towl
<https://server.lbg.com:8443/towl> is always working. Goal is not to
>>>> disable /towl, but just redirect or aliasing
>>>>
>>>> https//example.lbg.com/ <http://example.lbg.com/> to
https://server.lbg.com:8443/towl <https://server.lbg.com:8443/towl>
>>>>
>>>>
>>>>
>>>>
>>>> Thanks,
>>>> Lavanya
>>>>
>>>> On Monday, May 13, 2024, Christopher Schultz <
>>>> ch...@christopherschultz.net <mailto:ch...@christopherschultz.net>
>>>>
>>>>>
>>>>> wrote:
>>>>
>>>> Lavanya,
>>>>
>>>> On 5/13/24 05:57, lavanya tech wrote:
>>>>
>>>> Somehow made it work now i can only access urls as you
mentioned before
>>>> https://example.lbg.com <https://example.lbg.com> and
https://server.lbg.com <https://server.lbg.com> with port 8443 and
>>>> with
>>>> out
>>>>
>>>> https://example.lbg.com/towl <https://example.lbg.com/towl>
and https://server.lbg.com/towl <https://server.lbg.com/towl> --> I
>>>> have an
>>>> error now File not found.
>>>>
>>>> So i think we need to make work https://example.lbg.com/
<https://example.lbg.com/> to
>>>> https://server.lbg.com/towl <https://server.lbg.com/towl>
>>>>
>>>>
>>>> I'm sorry, I'm still confused as to which way you want things.
>>>>
>>>> Do you want to redirect /towl -> / or do you want to redirect
/ - >
>>>> /towl?
>>>>
>>>> Or does it depend upon the hostname? It would really be better
if you
>>>> could settle on one specific beahvior.
>>>>
>>>> -chris
>>>>
>>>> On Mon, May 13, 2024 at 9:41 AM lavanya tech
<lavanyatech...@gmail.com <mailto:lavanyatech...@gmail.com>>
>>>>
>>>> wrote:
>>>>
>>>> Hi Chris,
>>>>
>>>>
>>>> Where are you defining the RewriteValve itself?
>>>>
>>>> Defined rewritevalve here
>>>> <Host name="localhost" appBase="webapps"
>>>> unpackWARs="true" autoDeploy="true">
>>>>
>>>> <Valve
>>>> className="org.apache.catalina.valves.rewrite.RewriteValve" />
>>>> resource="conf/rewrite.config" />
>>>>
>>>> 2) reated rewrite.config and added as below under conf/
>>>>
>>>> RewriteCond %{REQUEST_URI} ^/towl/(.*)
>>>> RewriteRule ^/towl/(.*) https://example.lbg.com/%1
<https://example.lbg.com/%1> [R]
>>>>
>>>> 3) After renaming towl to ROOT ->
/webapps/ROOT/WEB-INF/web.xml ( I
>>>> already have this mappings /* in web.xml file)
>>>>
>>>> <security-constraint>
>>>> <web-resource-collection>
>>>> <web-resource-name>Logging Area</web-resource-name>
>>>> <description>
>>>> Authentication for registered users.
>>>> </description>
>>>> <url-pattern>/*</url-pattern>
>>>> <url-pattern>/api/v1/search</url-pattern> <!--
protect search
>>>> endpoint whitelisted above -->
>>>> <url-pattern>/api/v1/suggest/*</url-pattern> <!--
protect
>>>> suggest
>>>> endpoint whitelisted above -->
>>>> </web-resource-collection>
>>>> <auth-constraint>
>>>> <role-name>LDAP_USER</role-name>
>>>> <role-name>api</role-name>
>>>> </auth-constraint>
>>>> </security-constraint>
>>>>
>>>> 4) Restarted Tomcat, Then I cannot access
>>>> https://server.lbg.com:8443/towl
<https://server.lbg.com:8443/towl>
>>>> --> Have below error
>>>>
>>>> Message java.nio.file.NoSuchFileException:
>>>> /git/apache-tomcat-10.1.11/webapps/towl/WEB-INF/lib/xss-1.0.8.jar
>>>>
>>>> Description The server encountered an unexpected condition that
>>>> prevented
>>>> it from fulfilling the request.
>>>>
>>>> 5) Also https://example.lbg.com <https://example.lbg.com>
doesnot work anymore
>>>>
>>>> Before you do anything with redirecting, can you just make
sure you are
>>>> only deploying ROOT.war and nothing else?
>>>> How can I do that. I already changed towl.war to ROOT.war
>>>>
>>>> But still both the urls have error as mentioned above.
>>>>
>>>>
>>>> Si I revereted back the changes.
>>>> That's weird. Try stopping, deleting the work/ directory and
restarting.
>>>> --> I have this wierd behavior for some reason, thoudh
index.jsp is
>>>> located
>>>> no changes were made to file. After deleting cookies url works
>>>>
>>>> where Am I going wrong.
>>>>
>>>> Thanks,
>>>> Lavanya
>>>>
>>>>
>>>> On Fri, May 10, 2024 at 6:50 PM Christopher Schultz <
>>>> ch...@christopherschultz.net
<mailto:ch...@christopherschultz.net>> wrote:
>>>>
>>>> Lavanya,
>>>>
>>>>
>>>> On 5/10/24 04:37, lavanya tech wrote:
>>>>
>>>> I tried the below and have the issues.
>>>>
>>>> 1)proxyPort="443" and proxyName="example.lbg.com
<http://example.lbg.com>" to the connector
>>>> 2) remanmed towl.war to ROOT.war
>>>> 3) created rewrite.config and added as below under conf/
>>>>
>>>>
>>>> Where are you defining the RewriteValve itself?
>>>>
>>>> RewriteCond %{REQUEST_URI} ^/towl/(.*)
>>>>
>>>> RewriteRule ^/towl/(.*) https://example.lbg.com/%1
<https://example.lbg.com/%1> [R]
>>>>
>>>>
>>>> If this is being handled by the ROOT servlet then I think it's
right.
>>>>
>>>> 4) added this in web.xml file of /webapps/towl/web.xml/
>>>>
>>>>
>>>> <!-- Servlet mappings -->
>>>> <!-- Add your existing servlet mappings here -->
>>>>
>>>> <!-- Security constraint to restrict access to /towl
path -->
>>>> <security-constraint>
>>>> <web-resource-collection>
>>>> <web-resource-name>Restricted Access to
>>>> /towl</web-resource-name>
>>>> <url-pattern>/towl/*</url-pattern>
>>>>
>>>>
>>>> No, this is wrong. Since this is the "towl" application and
not ROOT,
>>>> you want to map /* and not /towl/* because the application
will never
>>>> see the /towl/ as it's an application/context prefix that
Tomcat will
>>>> remove.
>>>>
>>>> </web-resource-collection>
>>>>
>>>> <auth-constraint>
>>>> <!-- Deny access to all roles -->
>>>> </auth-constraint>
>>>> </security-constraint>
>>>>
>>>> Also I noticed that even if I rename the towl application to ROOT,
>>>> when
>>>>
>>>> i
>>>>
>>>> call the url with https://example.lbg.com/towl
<https://example.lbg.com/towl> --> this towl
>>>> directory
>>>>
>>>> is
>>>>
>>>> getting created under webapps by default
>>>>
>>>>
>>>> If webapps/towl is being created, then it's happening for some
other
>>>> reason. Do you have anything under conf/Catalina/*/towl.xml which
>>>> points
>>>> to a WAR file or something? If so, remove that.
>>>>
>>>> 5) Resarted tomcat and I have the below error and all the urls
have the
>>>>
>>>> same issue
>>>>
>>>> Message org.apache.jasper.JasperException:
>>>> java.lang.ClassNotFoundException: org.apache.jsp.index_jsp
>>>>
>>>>
>>>> That's weird. Try stopping, deleting the work/ directory and
>>>> restarting.
>>>>
>>>> Description The server encountered an unexpected condition that
>>>>
>>>>
>>>> prevented
>>>>
>>>> it from fulfilling the request.
>>>>
>>>> Exception
>>>>
>>>> org.apache.jasper.JasperException:
org.apache.jasper.JasperException:
>>>> java.lang.ClassNotFoundException: org.apache.jsp.index_jsp
>>>>
>>>>
>>>> org.apache.jasper.servlet.JspServletWrapper.handleJspException(
>>>> JspServletWrapper.java:578)
>>>>
>>>>
>>>>
>>>> org.apache.jasper.servlet.JspServletWrapper.service(
>>>> JspServletWrapper.java:422)
>>>>
>>>>
>>>>
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:380)
>>>> org.apache.jasper.servlet.JspServlet.service(JspServlet.java:328)
>>>> jakarta.servlet.http.HttpServlet.service(HttpServlet.java:658)
>>>> org.apache.tomcat.websocket.se
<http://org.apache.tomcat.websocket.se>
>>>> rver.WsFilter.doFilter(WsFilter.java:51)
>>>>
>>>>
>>>> Before you do anything with redirecting, can you just make
sure you are
>>>> only deploying ROOT.war and nothing else?
>>>>
>>>> This should allow you to reach the application at both
>>>> https://example.lbg.com/ <https://example.lbg.com/> and
https://server.lbg.com/ <https://server.lbg.com/> as well as both
>>>> of
>>>> those with port 8443.
>>>>
>>>> Then use the applications and make sure they are working as
expected.
>>>> Then, we'll add the /towl handling.
>>>>
>>>> -chris
>>>>
>>>> On Thu, May 9, 2024 at 11:20 PM Christopher Schultz <
>>>>
>>>> ch...@christopherschultz.net
<mailto:ch...@christopherschultz.net>> wrote:
>>>>
>>>> Lavanya,
>>>>
>>>>
>>>> On 5/9/24 13:48, lavanya tech wrote:
>>>>
>>>> Thank you so much for your explanation. I will try these options.
>>>>
>>>> Do server and example both resolve to the same IP?
>>>> -yes
>>>>
>>>>
>>>> Good, that significantly reduces the complexity required,
since you
>>>> can
>>>> do it will a single process (Tomcat) in a single environment.
>>>>
>>>> So I need follow both 4a/b and 5a/b steps here or any of them ?
>>>>
>>>>
>>>> If I setup exactly by using below steps , then I should access
both
>>>>
>>>> the
>>>>
>>>>
>>>> urls right ? https://server.lbg.com:8443/towl
<https://server.lbg.com:8443/towl> and
>>>>
>>>>
>>>> https://example.lbg.com <https://example.lbg.com>
>>>>
>>>> If you visit either hostname with /towl, you will be redirected to
>>>> example.lbg.com/ <http://example.lbg.com/> with no port
number. example:8443 will still work
>>>> and
>>>> no redirect will take place... unless you specifically make
>>>>
>>>> arrangements
>>>>
>>>>
>>>> for that. We can do that later if you really want to.
>>>>
>>>>
>>>> Let's get the other things working, first.
>>>>
>>>> -chris
>>>>
>>>> On Thursday, May 9, 2024, Christopher Schultz <
>>>>
>>>>
>>>> ch...@christopherschultz.net
<mailto:ch...@christopherschultz.net>>
>>>>
>>>> wrote:
>>>>
>>>> Lavanya,
>>>>
>>>>
>>>> On 5/9/24 02:58, lavanya tech wrote:
>>>>
>>>> Just giving background again of this topic again.
>>>>
>>>>
>>>> 1) The application team who is working they wanted to access the
>>>> url
>>>> https://server.lbg.com:8443/towl
<https://server.lbg.com:8443/towl> —> which should redirect or
>>>> point
>>>>
>>>> to
>>>>
>>>>
>>>> https://example.lbg.com <https://example.lbg.com>
>>>>
>>>>
>>>> Is that a typo? You want specifically
https://server.lbg.com/towl <https://server.lbg.com/towl>
>>>>
>>>> and
>>>>
>>>>
>>>> https://example.lbg.com/ <https://example.lbg.com/> to point
to your application?
>>>>
>>>> — It’s not the Typo the requirements are
still
>>>> the
>>>>
>>>> same.
>>>>
>>>>
>>>>
>>>>
>>>> Okay.
>>>>
>>>> Do server and example both resolve to the same IP?
>>>>
>>>> 2) Hence I added firewall rule to redirect port 443 to 8443. And
>>>> the
>>>>
>>>> url
>>>>
>>>>
>>>> https://example.lbg.com <https://example.lbg.com> started
working but its pointing to
>>>>
>>>> https://server.lbg.com:8443 <https://server.lbg.com:8443>
indeed and not
>>>>
>>>> https://server.lbg.com:8443/to <https://server.lbg.com:8443/to>
>>>>
>>>>
>>>> wl
>>>>
>>>>
>>>> But then they wanted the point 1 to have it. If I understood
>>>>
>>>> correctly. So
>>>>
>>>>
>>>> basically to achieve this we wanted a reverse proxy setup ?
>>>>
>>>>
>>>> I didnot define any additional host in server.xml file on just
>>>> left
>>>>
>>>> to
>>>>
>>>>
>>>> default to local host.
>>>>
>>>>
>>>>
>>>> Here's what you have to do in order to support this odd
>>>>
>>>> configuration.
>>>>
>>>>
>>>>
>>>> 1. Configure your firewall to route port 443 -> 8443. I suspect
>>>> this
>>>>
>>>> is
>>>>
>>>>
>>>> already done.
>>>>
>>>>
>>>> 2. Deploy Tomcat on server.lbg.com <http://server.lbg.com>
with a <Connector> on port
>>>> 8443.
>>>>
>>>> This
>>>>
>>>>
>>>> is the default, so there shouldn't be anything to do. I
suspect this
>>>>
>>>>
>>>> is
>>>>
>>>>
>>>> already done. You should set proxyPort="443" and proxyName="
>>>>
>>>> example.lbg.com <http://example.lbg.com>" in your <Connector>.
This will ensure that any
>>>> URLs
>>>> generated by Tomcat or your application will point to
>>>> https://example.lbg.com/ <https://example.lbg.com/> and not to
server.lbg.com <http://server.lbg.com> or have a port
>>>>
>>>> number
>>>>
>>>>
>>>> or whatever.
>>>>
>>>>
>>>> 3. Re-name your application directory or WAR file from towl ->
ROOT
>>>>
>>>> (upper
>>>>
>>>>
>>>> case is important). So if you have tomcat/webapps/towl re-name
that
>>>>
>>>>
>>>> to
>>>>
>>>>
>>>> tomcat/webapps/ROOT or if you have tomcat/webapps/towl.war re-name
>>>>
>>>>
>>>> that
>>>>
>>>>
>>>> to
>>>>
>>>>
>>>> tomcat/webapps/ROOT.war.
>>>>
>>>>
>>>> The last thing to do is get /towl to re-direct to /. There are a
>>>> few
>>>>
>>>> ways
>>>>
>>>>
>>>> of doing that.
>>>>
>>>>
>>>> 4a. Configure your application (now called ROOT and deployed on /
>>>> and
>>>>
>>>> not
>>>>
>>>>
>>>> /towl anymore) to handle the /towl URL and specifically redirect
>>>>
>>>> this
>>>>
>>>> back
>>>>
>>>>
>>>> to /. This is oddly specific and has the application trying to
>>>>
>>>>
>>>> redirect
>>>>
>>>>
>>>> to
>>>>
>>>>
>>>> itself which is weird.
>>>>
>>>>
>>>> 4b. Create a new application called towl or towl.war which will be
>>>> deployed on /towl and have THAT redirect to /. I think this is
>>>>
>>>> cleaner
>>>>
>>>>
>>>> because you can call the application anything you'd like and
it will
>>>>
>>>>
>>>> still
>>>>
>>>>
>>>> work. You don't have to match URL patterns yourself, you just
>>>>
>>>> re-name
>>>>
>>>> the
>>>>
>>>>
>>>> WAR file if you suddenly want to use /towl2 instead of /towl.
>>>>
>>>>
>>>> There are several ways to redirect.
>>>>
>>>> 5a. Use the rewrite valve and map /(*) to (global redirect) /\1. A
>>>>
>>>> few
>>>>
>>>>
>>>> notes: (1) the (*) means "capture this string" and \1 means
"put the
>>>>
>>>>
>>>> string
>>>>
>>>>
>>>> back. This allows you to redirect /towl/foo/bar to /foo/bar
instead
>>>>
>>>>
>>>> of
>>>>
>>>>
>>>> losing the /foo/bar. This syntax may not be perfect, adapt it
to your
>>>>
>>>> needs. (2) Remember that the towl application is deployed on /towl
>>>> so
>>>>
>>>> you
>>>>
>>>>
>>>> don't want to redirect /towl/foo/bar you only want redirect
/foo/bar
>>>>
>>>>
>>>> since
>>>>
>>>>
>>>> the URL will be relative to the current context (/towl). Got that?
>>>>
>>>>
>>>> Finally,
>>>>
>>>>
>>>> (3) you need to use a global redirect that does *NOT* redirect
back
>>>>
>>>>
>>>> to
>>>>
>>>>
>>>> the
>>>>
>>>>
>>>> /towl application. Normally, if you redirect to /foo you'll get an
>>>>
>>>> application-relative redirect from something like a rewrite
>>>> valve/filter/whatever. Take care to redirect relative to the
SERVER
>>>>
>>>> and
>>>>
>>>>
>>>> not
>>>>
>>>>
>>>> to the application.
>>>>
>>>>
>>>> 5b. Write your own servlet to do a specific redirect.
>>>>
>>>> I hope that helps,
>>>> -chris
>>>>
>>>> On Wednesday, May 8, 2024, Christopher Schultz <
>>>>
>>>> ch...@christopherschultz.net
<mailto:ch...@christopherschultz.net>>
>>>> wrote:
>>>>
>>>> Lavanya,
>>>>
>>>>
>>>> On 5/8/24 06:48, lavanya tech wrote:
>>>>
>>>> I figured out how I can it make it work with 443. Now the URls
>>>> are
>>>>
>>>> working.
>>>> I added iptables route 443 to 8443 and it started working.
>>>>
>>>> nslookup example.lbg.com <http://example.lbg.com>
>>>>
>>>> Non-authoritative answer:
>>>> Name: server.lbg.com <http://server.lbg.com>
>>>> Address: 192.168.200.105
>>>> Aliases: example.lbg.com <http://example.lbg.com>
>>>>
>>>>
>>>> I have some application towl running with apache tomcat. I have
>>>>
>>>> the
>>>>
>>>>
>>>> below
>>>>
>>>> URLs working.
>>>>
>>>> https://server.lbg.com:8443/towl
<https://server.lbg.com:8443/towl>
>>>> https://server.lbg.com <https://server.lbg.com>
>>>> https://example.lbg.com <https://example.lbg.com>
>>>> https://example.lbg.com/towl <https://example.lbg.com/towl>
>>>>
>>>>
>>>> Now i wanted to disable the url https://example.lbg.com/towl
<https://example.lbg.com/towl>
>>>> and
>>>> https://server.lbg.com <https://server.lbg.com> and access
only the other remaining two.
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> I would *highly* recommend that you pick either /towl or / and not
>>>>
>>>>
>>>> try to
>>>>
>>>>
>>>> do both, unless you want to deploy the application twice (which is
>>>>
>>>>
>>>> fine,
>>>>
>>>>
>>>> just deploy towl.war and ROOT.war as copies of each other). If you
>>>>
>>>>
>>>> try to
>>>>
>>>>
>>>> re-write /towl to / or / to /towl, you'll find you spend the rest
>>>>
>>>>
>>>> of
>>>>
>>>>
>>>> your
>>>>
>>>>
>>>> days tracking-down edge-cases and "fixing" them -- likely making
>>>>
>>>>
>>>> things
>>>>
>>>>
>>>> confusing and, probably, worse.
>>>>
>>>>
>>>> In the end our goal to makesure that the links are not always
>>>>
>>>> dead as
>>>>
>>>>
>>>> soon
>>>>
>>>>
>>>> as the towl is moved to a new machine. Can you pelase assit me
>>>>
>>>> how
>>>>
>>>> to do
>>>>
>>>>
>>>> that?
>>>>
>>>>
>>>>
>>>> The goal should be that "moving" the application only means
>>>>
>>>>
>>>> changing
>>>>
>>>>
>>>> DNS
>>>>
>>>>
>>>> and everything else works as expected.
>>>>
>>>>
>>>> If you:
>>>>
>>>> 1. Deploy the application with a single context (e.g. /towl,
>>>> which
>>>>
>>>> I
>>>>
>>>>
>>>> recommend)
>>>>
>>>>
>>>> 2. Re-direct / to /towl (this requires a reverse-proxy or a ROOT
>>>> application that does nothing but redirect ; my personal
>>>>
>>>> preference)
>>>>
>>>>
>>>>
>>>> 3. Do not define any <Host> other than "localhost" and make it
>>>> the
>>>> default. Do not bother with any <Alias> elements since they are
>>>> not
>>>> necessary.
>>>>
>>>> Moving the application should only require that you:
>>>>
>>>> 4. Deploy the same application with the same configuration in the
>>>>
>>>> new
>>>>
>>>>
>>>> location
>>>>
>>>>
>>>> 5. Change DNS to point example.lbg.com
<http://example.lbg.com> and server.lbg.com <http://server.lbg.com>
to the
>>>>
>>>> new
>>>>
>>>>
>>>> location of the service
>>>>
>>>>
>>>> Hope that helps,
>>>> -chris
>>>>
>>>> On Tue, Apr 30, 2024 at 5:44 PM Christopher Schultz <
>>>> ch...@christopherschultz.net
<mailto:ch...@christopherschultz.net>> wrote:
>>>>
>>>> Lavanya,
>>>>
>>>> On 4/30/24 07:10, lavanya tech wrote:
>>>>
>>>> Can you tell me how to do the below ? How should I setup Tomcat
>>>> in
>>>> server.xml ?
>>>>
>>>>
>>>> If you want to use port 443 (the default port for HTTPS) then you
>>>>
>>>> will
>>>>
>>>>
>>>> need to change Tomcat to bind to port 443 (if that's allowed on
>>>>
>>>>
>>>> your
>>>>
>>>>
>>>> OS)
>>>>
>>>>
>>>> or arrange to have port 443 routed to port 8443. You may need
>>>>
>>>>
>>>> additional
>>>>
>>>>
>>>> configuration in Tomcat (specifically: proxyPort) to avoid having
>>>>
>>>>
>>>> Tomcat
>>>>
>>>>
>>>> generate URLs with ":8443" in them.
>>>>
>>>>
>>>> Looking forward to your reply.
>>>>
>>>>
>>>> If Tomcat is listening on port 8443 then you will need to include
>>>>
>>>> that
>>>>
>>>>
>>>> in your URL, period. If you want to allow URLs without a port
>>>>
>>>>
>>>> number,
>>>>
>>>>
>>>> you will have to arrange to have something listening on port 443.
>>>>
>>>>
>>>> On Windows, Tomcat can listen directly on port 443. On UNIX and
>>>> UNIX-like systems, you won't be able to do this without running
>>>>
>>>> Tomcat
>>>>
>>>>
>>>> as root WHICH YOU ABSOLUTELY SHOULD NOT DO.
>>>>
>>>>
>>>> There are other ways to get port 443 working, but I'll need to
>>>> know
>>>>
>>>> more
>>>>
>>>>
>>>> about your environment. The port issue is "easier" than figuring
>>>>
>>>>
>>>> out
>>>>
>>>>
>>>> whatever is going on with your DNS, aliases, etc. so I would
>>>>
>>>>
>>>> recommend
>>>>
>>>>
>>>> we fix one thing at a time.
>>>>
>>>>
>>>> -chris
>>>>
>>>> On Mon, Apr 29, 2024 at 2:03 PM lavanya tech <
>>>>
>>>> lavanyatech...@gmail.com <mailto:lavanyatech...@gmail.com>>
>>>>
>>>>
>>>> wrote:
>>>>
>>>>
>>>> Hi Chris,
>>>>
>>>> There is no issues with browser, because I tested with different
>>>>
>>>> browsers
>>>>
>>>> and it all works fine. I am sure that there is no issue with the
>>>> certificate.
>>>> Because I was able to establish successful connections
>>>> with
>>>>
>>>> port
>>>>
>>>>
>>>>
>>>> 8443, it
>>>>
>>>> just doesnot work with out port
>>>>
>>>> curl https://example.lbg.com/towl
<https://example.lbg.com/towl>
>>>> curl: (56) Received HTTP code 504 from proxy after CONNECT
>>>> curl: (56) Received HTTP code 504 from proxy after CONNECT
>>>>
>>>>
>>>> If you want to use port 443 (the default port for HTTPS) then you
>>>>
>>>> will
>>>>
>>>>
>>>> need to change Tomcat to bind to port 443 (if that's allowed on
>>>>
>>>>
>>>> your
>>>>
>>>>
>>>> OS)
>>>>
>>>>
>>>> or arrange to have port 443 routed to port 8443. You may need
>>>>
>>>>
>>>> additional
>>>>
>>>>
>>>> configuration in Tomcat (specifically: proxyPort) to avoid having
>>>>
>>>>
>>>> Tomcat
>>>>
>>>>
>>>> generate URLs with ":8443" in them.
>>>>
>>>>
>>>> <Connector port="443" protocol="HTTP/1.1"
>>>> connectionTimeout="20000"
>>>> redirectPort="8443"
>>>> maxThreads="150"
>>>> scheme="https" secure="true" SSLEnabled="true"
>>>> keystoreFile="path_to_your_keystore_file"
>>>> keystorePass="your_keystore_password"
>>>> keystoreType="PKCS12"
>>>> clientAuth="false" sslProtocol="TLS"
>>>> proxyPort="443"/>
>>>>
>>>> should i use connect port like the above ? But you mentioned
>>>>
>>>> before
>>>>
>>>>
>>>> we
>>>>
>>>>
>>>> dont need any configuration changes. Please clarify I am not able
>>>>
>>>>
>>>> to
>>>>
>>>>
>>>>
>>>> figure
>>>>
>>>> this out and I have this issue many days pending. How to make it
>>>>
>>>> work
>>>>
>>>>
>>>>
>>>> with
>>>>
>>>> port 8443 and with out port
>>>>
>>>> Also I wanted to use weburl with alias name permanently instead
>>>> of
>>>>
>>>> the
>>>>
>>>>
>>>> hostname. How can I achieve both
>>>>
>>>>
>>>> Thanks,
>>>> Lavanya
>>>>
>>>>
>>>> -->
>>>>
>>>>
>>>> On Fri, Apr 26, 2024 at 9:28 PM Christopher Schultz <
>>>> ch...@christopherschultz.net
<mailto:ch...@christopherschultz.net>> wrote:
>>>>
>>>> Lavanya,
>>>>
>>>> On 4/25/24 07:24, lavanya tech wrote:
>>>>
>>>> Hi Chris,
>>>>
>>>> One question / doubt:
>>>>
>>>> As I mentioned earlier, the below URLS already working in the
>>>>
>>>> browser
>>>>
>>>>
>>>>
>>>> https://server.lbg.com:8443/towl
<https://server.lbg.com:8443/towl>
>>>> https://example.lbg.com:8443/towl
<https://example.lbg.com:8443/towl> -> redirect ( which means
>>>> when I
>>>>
>>>> hit in
>>>>
>>>> browser) it points to https://server.lbg.com:8443/towl
<https://server.lbg.com:8443/towl> ---> To
>>>> be
>>>>
>>>> frank,
>>>>
>>>> even I donot need redirect here, not sure why it redirects.
>>>>
>>>> My question is why its working even though SAN is not registered
>>>>
>>>> with
>>>>
>>>>
>>>>
>>>> the
>>>>
>>>> certificate ? It doesnot even throw warning in the browser.
>>>>
>>>>
>>>> I'm not sure. Is it possible you have dismissed this error in the
>>>>
>>>> past
>>>>
>>>>
>>>> and the browser is remembering that? Try this with a different web
>>>>
>>>> browser or maybe with curl from the command-line to see what
>>>>
>>>> happens.
>>>>
>>>>
>>>>
>>>> Why https://server.lbg.com/towl <https://server.lbg.com/towl>
or https://example.lbg.com/towl <https://example.lbg.com/towl>
>>>>
>>>> -->
>>>>
>>>>
>>>>
>>>> How it
>>>>
>>>> should work with New SAN certificate ?
>>>>
>>>>
>>>> You don't need to worry about the port number or application
>>>> name,
>>>>
>>>> only
>>>>
>>>>
>>>> the hostname is a part of the SAN.
>>>>
>>>>
>>>> -chris
>>>>
>>>> On Thu, Apr 25, 2024 at 10:16 AM lavanya tech <
>>>>
>>>> lavanyatech...@gmail.com <mailto:lavanyatech...@gmail.com>
>>>>
>>>>
>>>> wrote:
>>>>
>>>> Hi Chris,
>>>>
>>>>
>>>> Thanks I will request new certificate with SANs and I will try to
>>>>
>>>> fix
>>>>
>>>>
>>>>
>>>> the
>>>>
>>>> things from our end.
>>>>
>>>> Best Regards,
>>>> Lavanya
>>>>
>>>> On Wed, Apr 24, 2024 at 11:12 PM Christopher Schultz <
>>>> ch...@christopherschultz.net
<mailto:ch...@christopherschultz.net>> wrote:
>>>>
>>>> Lavanya,
>>>>
>>>> On 4/24/24 15:39, lavanya tech wrote:
>>>>
>>>> Local host means the machine i am logged in to server.lbg.com
<http://server.lbg.com>
>>>>
>>>> You are right, example.lbg.com <http://example.lbg.com> is
CNAME record.
>>>>
>>>>
>>>> Okay, thanks for clearing that up.
>>>>
>>>> I dont have any SAN configured for the certificate. The
>>>> certificate
>>>>
>>>> is
>>>>
>>>> requested for only server.lbg.com <http://server.lbg.com>
>>>>
>>>>
>>>> You will never be able to make a secure request to anything other
>>>>
>>>> than
>>>>
>>>> server.lbg.com <http://server.lbg.com> without seeing an
error. I highly recommend
>>>> adding
>>>>
>>>> the
>>>>
>>>> other hostname as a SAN to your certificate if you really want to
>>>> support this.
>>>>
>>>> Even if you wanted https://example.lbg.com/whatever
<https://example.lbg.com/whatever> to return an
>>>>
>>>> HTTP
>>>>
>>>> 302 redirect to https://server.lbg.com/whatever
<https://server.lbg.com/whatever>, the user would
>>>>
>>>> see a
>>>>
>>>> certificate hostname mismatch error which is ugly. It's best to
>>>>
>>>> make
>>>>
>>>>
>>>>
>>>> it
>>>>
>>>> work without users seeing ugly things.
>>>>
>>>> So if i just request new certificate with SAN it should work ? If
>>>>
>>>> yes, I
>>>>
>>>> will request for it and follow your steps as below suggested.
>>>>
>>>>
>>>> Yes, it should.
>>>>
>>>> Should i use CName record or DNS? Does it make difference?
>>>>
>>>>
>>>> CNAME *is* DNS.
>>>>
>>>> Whenever possible, use hostnames and not IP addresses as SANs.
>>>> It's
>>>>
>>>> more
>>>>
>>>> flexible that way, and users get to see hostnames instead of IP
>>>>
>>>> addresses.
>>>>
>>>>
>>>> -chris
>>>>
>>>> On Wednesday, April 24, 2024, Christopher Schultz <
>>>> ch...@christopherschultz.net
<mailto:ch...@christopherschultz.net>> wrote:
>>>>
>>>> Lavanya,
>>>>
>>>> On 4/24/24 07:37, lavanya tech wrote:
>>>>
>>>> Sorry I understood wrongly here with regards to my environment,
>>>>
>>>> Let me
>>>>
>>>> start from the beginning. I donot want to use redirect at all. I
>>>>
>>>> simply
>>>>
>>>> wanted to force apache tomcat to use both localhost and dns name
>>>>
>>>> of
>>>>
>>>> the
>>>>
>>>> localhost via url.
>>>>
>>>>
>>>> When you say "force" what do you mean?
>>>>
>>>> When you say "use both localhost and DNS name" what do you mean?
>>>>
>>>> When you say "localhost" do you mean 127.0.0.1 or "the machine
>>>> I'm
>>>> logged-into right now"?
>>>>
>>>> I have DNS resollution as below.
>>>>
>>>>
>>>> server.lbg.com <http://server.lbg.com> --> localhost
>>>>
>>>>
>>>> Is that a CNAME record?
>>>>
>>>> nslookup server.lbg.com <http://server.lbg.com> (localhost)
>>>>
>>>> Name: server.lbg.com <http://server.lbg.com>
>>>> Address: 192.168.100.20
>>>> alias: example.lbg.com <http://example.lbg.com>
>>>>
>>>>
>>>> That's a weird DNS response. The DNS name "localhost" should
>>>>
>>>> *always*
>>>>
>>>> return 127.0.0.1 for IPv4 and ::1 for IPv6. It shouldn't return
>>>> 191.168.100.20.
>>>>
>>>> We have working the below urls working:
>>>>
>>>> https://server.lbg.com:8443/towl
<https://server.lbg.com:8443/towl>
>>>> https://example.lbg.com:8443/towl
<https://example.lbg.com:8443/towl> --> redirects to
>>>>
>>>>
>>>> What do you mean "redirect"? Does it return a 30x response that
>>>>
>>>> causes
>>>>
>>>> the
>>>>
>>>> browser to make a new request to \/
>>>>
>>>> https://server.lbg.com:8443/towl
<https://server.lbg.com:8443/towl> --> still works --> we have
>>>> SSL
>>>>
>>>> configured for the same but this SSL certificate doesnot have
>>>>
>>>> additional
>>>>
>>>> DNS setup.
>>>>
>>>>
>>>> What SANs are in your certificate? How many certificates do you
>>>>
>>>> have?
>>>>
>>>>
>>>> But I would need to somehow access https://example.lbg.com
<https://example.lbg.com> -->
>>>>
>>>> which
>>>>
>>>> means
>>>> I would need to access via 443 here ?
>>>>
>>>>
>>>> I'm so confused. What needs to access what?
>>>>
>>>> I tried to adding the below to server.xml as below, but that
>>>>
>>>> doesnot
>>>>
>>>> seems
>>>>
>>>> to work.
>>>>
>>>> <Connector port="80"
>>>> protocol="org.apache.coyote.http11.Http11NioProtocol"
>>>> connectionTimeout="20000"
>>>> redirectPort="443" />
>>>>
>>>>
>>>> This will only redirect (HTTP 302) requests to
>>>>
>>>> http://yourhost/anything <http://yourhost/anything>
>>>>
>>>> to https://yourhost/anything <https://yourhost/anything> *if
the application specifically
>>>>
>>>> requests
>>>>
>>>> CONFIDENTIAL transport*. It doesn't just redirect everything by
>>>>
>>>> default. If
>>>>
>>>> you want it to redirect everything, you'll need to set that up
>>>>
>>>> e.g.
>>>>
>>>> using
>>>>
>>>> RewriteValve. There are other options, too.
>>>>
>>>> Do i need additional SSL certificate for the
>>>>
>>>> https://example.lbg.com <https://example.lbg.com>
>>>>
>>>> to
>>>>
>>>> make it work ?
>>>>
>>>>
>>>> If you don't want your browser to complain, you will need at
>>>> least
>>>>
>>>> one
>>>>
>>>> TLS
>>>>
>>>> certificate that contains every Subject Alternative Name (SAN)
>>>> for
>>>>
>>>> every
>>>>
>>>> possible hostname you expect to use with this service. You ca do
>>>>
>>>> it
>>>>
>>>> with
>>>>
>>>> multiple certificates as well, but a single cert with multiple
>>>>
>>>> SANs
>>>>
>>>> is
>>>>
>>>> less
>>>>
>>>> work.
>>>>
>>>> Do i need to set up an additional web server for this like apache
>>>>
>>>> or
>>>>
>>>> nginx
>>>>
>>>> for redirecting requests?
>>>>
>>>>
>>>> No.
>>>>
>>>> Please stop saying "redirect" because it sounds like you almost
>>>>
>>>> never
>>>>
>>>> mean
>>>>
>>>> "HTTP 30x redirect" and that's confusing everything.
>>>>
>>>> I *think* you only need the following:
>>>>
>>>> 1. A TLS certificate with the following SANs:
>>>>
>>>> * server.lbg.com <http://server.lbg.com>
>>>> * example.lbg.com <http://example.lbg.com>
>>>> * localhost (you shouldn't do this)
>>>>
>>>> 2. DNS configured for all hostnames:
>>>>
>>>> * server.lbg.com <http://server.lbg.com> -> A
192.168.100.20
>>>> * example.lgb.com <http://example.lgb.com> -> A
192.168.100.20
>>>>
>>>> 3. Tomcat configured with a single <Host> which is the default
>>>>
>>>> virtual
>>>>
>>>> host. Note that this is the *default Tomcat configuration* and
>>>>
>>>> doesn't
>>>>
>>>> need
>>>>
>>>> to be changed from the default.
>>>>
>>>> 4. Tomcat configured with your certificate like this:
>>>>
>>>> <Connector ...
>>>> SSLEnabled="true">
>>>> <SSLHostConfig>
>>>> <Certificate
>>>> certificateFile="/path/to/your/cert.crt"
>>>>
certificateKeyFile="/path/to/your/key.pem" />
>>>> <!-- You may need certificateKeyPassword in
>>>>
>>>> <Certificate>
>>>>
>>>> -->
>>>>
>>>> </SSLHostConfig>
>>>> </Connector>
>>>>
>>>> If your SANs are configured properly, this should allow you to
>>>>
>>>> connect
>>>>
>>>> using any of these URLs:
>>>>
>>>> $ curl https://server.lbg.com/towl/login.jsp
<https://server.lbg.com/towl/login.jsp>
>>>>
>>>> (returns login page)
>>>>
>>>> $ curl https://example.lbg.com/towl/login.jsp
<https://example.lbg.com/towl/login.jsp>
>>>>
>>>> (returns login page)
>>>>
>>>> If your application's web.xml contains something like this:
>>>>
>>>> <security-constraint>
>>>> <web-resource-collection>
>>>> <web-resource-name>theapp</web-resource-name>
>>>> <url-pattern>/*</url-pattern>
>>>> </web-resource-collection>
>>>> <user-data-constraint>
>>>>
>>>> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
>>>>
>>>>
>>>> </user-data-constraint>
>>>>
>>>> </security-constraint>
>>>>
>>>> ... then these URLs insecure HTTP URLs should redirect your
>>>>
>>>> clients:
>>>>
>>>>
>>>> $ curl http://server.lbg.com/towl/login.jsp
<http://server.lbg.com/towl/login.jsp>
>>>>
>>>> (returns HTTP 302 redirect to
>>>>
>>>> https://server.lbg.com/towl/login.jsp
<https://server.lbg.com/towl/login.jsp>
>>>>
>>>> )
>>>>
>>>>
>>>> $ curl https://server.lbg.com/towl/login.jsp
<https://server.lbg.com/towl/login.jsp>
>>>>
>>>> (returns HTTP 302 redirect to
>>>>
>>>> https://example.lbg.com/towl/login.jsp
<https://example.lbg.com/towl/login.jsp>)
>>>>
>>>>
>>>> I don't think you need any use of the RewriteValve unless you
>>>> want
>>>>
>>>> to
>>>>
>>>> handle sending HTTP 302 redirect responses to insecure requests
>>>>
>>>> without
>>>>
>>>> specifying the CONFIDENTIAL transport-guarantee in your
>>>>
>>>> application's
>>>>
>>>> web.xml file. But I don't see any reason NOT to have that in
>>>>
>>>> there.
>>>>
>>>>
>>>> -chris
>>>>
>>>> On Tue, Apr 23, 2024 at 10:52 PM Christopher Schultz <
>>>>
>>>> ch...@christopherschultz.net
<mailto:ch...@christopherschultz.net>> wrote:
>>>>
>>>> Lavanya,
>>>>
>>>>
>>>> On 4/22/24 05:21, lavanya tech wrote:
>>>>
>>>> Could you please explain, what you exactly mean ? So here
>>>>
>>>> redirect
>>>>
>>>> is
>>>>
>>>>
>>>> not a
>>>>
>>>> solution right ?
>>>>
>>>>
>>>> Redirecting is fine.
>>>>
>>>> Perhaps you should take a step back and decide: what do you
>>>>
>>>> actually
>>>>
>>>> want, here? You might be trying to solve problem X by applying
>>>>
>>>> solution
>>>>
>>>> Y, and you've already decided that solution Y is correct so you
>>>>
>>>> are
>>>>
>>>> trying to get help with that.
>>>>
>>>> Perhaps ask for help with Problem X?
>>>>
>>>> For example, "I don't want users to have to type the name of my
>>>> application to reach it so I want example.com/
<http://example.com/> to go to my
>>>>
>>>> application
>>>>
>>>> instead of example.com/myapp/ <http://example.com/myapp/>".
>>>>
>>>> Or, "I have multiple domains and I want all of them to redirect
>>>>
>>>> to
>>>>
>>>> the
>>>>
>>>> canonical domain example.com <http://example.com> and to go to
me web application
>>>>
>>>> /myapp
>>>>
>>>> so
>>>>
>>>> everything goes to example.com/myapp/
<http://example.com/myapp/>".
>>>>
>>>> "You'd have to use a glob/regex if
>>>>
>>>> you wanted to check for [anything and maybe nothing.]
>>>>
>>>> example.com <http://example.com>
>>>>
>>>> ."
>>>>
>>>>
>>>>
>>>> There is nothing in your configuration or question that suggests
>>>>
>>>> that
>>>>
>>>> the hostname in the request is relevant, but you are making it a
>>>> *requirement* that the request contains a specific Host header.
>>>>
>>>> IF
>>>>
>>>> you
>>>>
>>>> don't actually need that, why do you have it?
>>>>
>>>> -chris
>>>>
>>>> On Fri, Apr 19, 2024 at 3:03 PM Christopher Schultz <
>>>>
>>>> ch...@christopherschultz.net
<mailto:ch...@christopherschultz.net>> wrote:
>>>>
>>>> Ammu,
>>>>
>>>>
>>>> On 4/19/24 08:32, lavanya tech wrote:
>>>>
>>>> Thank you very much. I removed <Host> for example.com
<http://example.com> as
>>>>
>>>> well
>>>>
>>>> as
>>>>
>>>>
>>>> adding
>>>>
>>>>
>>>> an
>>>>
>>>>
>>>> <Alias> in server.xml
>>>> I copied context.xml file
>>>>
>>>> /git/app/apache-tomcat-10.1.11/webapps/towl/META-INF/context.xml
>>>>
>>>> Removed < in rewrite.config files.
>>>>
>>>> But still I dont redirect the URL.
>>>>
>>>>
>>>> If you have <Context> in server.xml and also your application
>>>>
>>>> in
>>>>
>>>> the
>>>>
>>>> webapps/ directory, then you will be double-deploying your
>>>>
>>>> application.
>>>>
>>>>
>>>> Re-name /git/app/apache-tomcat-10.1.11/webapps/towl/ to be
>>>> /git/app/apache-tomcat-10.1.11/webapps/ROOT (the capitals are
>>>> important)
>>>> and remove the <Context> element from your server.xml.
>>>>
>>>> Then start your server and read the logs.
>>>>
>>>> *nslookup alias.example.com <http://alias.example.com>
<http://alias.example.com <http://alias.example.com>>
>>>>
>>>> gives-->Non-authoritative answer:Name: www.example.com
<http://www.example.com>
>>>> <http://www.example.com <http://www.example.com>>Address:
192.168.200.10Aliases:
>>>>
>>>> alias.example.com <http://alias.example.com>
>>>>
>>>> <http://alias.example.com <http://alias.example.com>>*
>>>>
>>>>
>>>> Just to give some information here, *www.example.com
<http://www.example.com>
>>>> <http://www.example.com <http://www.example.com>>* has alias*
"alias.example.com <http://alias.example.com>
>>>> <http://alias.example.com <http://alias.example.com>>"*
>>>> But https://www.example.com:7777/example
<https://www.example.com:7777/example> --> works fine with
>>>>
>>>> out
>>>>
>>>>
>>>> issues
>>>>
>>>>
>>>> but
>>>>
>>>>
>>>> the alias doesnot works (https://alias.example.com
<https://alias.example.com>)
>>>> So i am not sure if the redirect url helps or if its correct
>>>>
>>>>
>>>> Your rewrite configuration says that you have to be using host
>>>> "example.com <http://example.com>" but your request goes to
www.example.com <http://www.example.com>. Your
>>>> configuration should only redirect a request such as:
>>>>
>>>> $ curl -v http://example.com:7777/something
<http://example.com:7777/something>
>>>>
>>>> HTTP/1.1 301 Moved Permanently
>>>> ...
>>>> Location: https://www.example.com:7777/example
<https://www.example.com:7777/example>
>>>>
>>>> If you
>>>>
>>>>
>>>>
>>>
>>
---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
<mailto:users-unsubscr...@tomcat.apache.org>
>> For additional commands, e-mail: users-h...@tomcat.apache.org
<mailto:users-h...@tomcat.apache.org>
>>
>>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
<mailto:users-unsubscr...@tomcat.apache.org>
For additional commands, e-mail: users-h...@tomcat.apache.org
<mailto:users-h...@tomcat.apache.org>