Re: Enabling SSL on specific URLs using IIS and Tomcat
I'm going to take a stab-in-the-dark, and guess that you didn't change the value of the 'redirectPort' on the Connector to be '443'. cprs-develop [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hello All: I am running Apache Tomcat 4.1.27, with IIS 5.0 on Windows 2000 Professional configured to serve the JSP pages using the ISAPI redirector. I have also configured SSL support using the Windows IIS management console. Currently JSP pages can be accessed using the http://SomeHost/SomeDirectory or https://SomeHost/SomeDirectory URL. I am trying to specify URLs that should be available only through SSL. For this, I have added the security-constraint section in web.xml for the relevant webapp directory. web-app . . . . . /welcome-file-list !-- All resources under the /SSL directory should only be available via SSL -- security-constraint web-resource-collection web-resource-nameSSL/web-resource-name url-pattern/SSL/*/url-pattern /web-resource-collection user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint /web-app Now, when I try to access the resources under the /SSL directory, (using http or https) IIS gives me a Page not found error message. However, if I disable IIS and run Tomcat independently, directory security is enabled, and everything works fine, i.e., if I use http://SomeHost/webapp/SSL, it automatically redirects to https://SomeHost/webapp/SSL. I found an earlier thread (http://mikal.org/interests/java/tomcat/archive/view?mesg=44502) which mentions that the ISAPI redirector may be to blame, but I am not sure if it applies in this scenario. Any help would be greatly appreciated. Thanks, Vic - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Enabling SSL on specific URLs using IIS and Tomcat
Howdy, Almost certainly the ISAPI Redirector's fault, since as you mention Tomcat works fine by itself. What if you only allow https access to secure URLs? Yoav Shapira Millennium ChemInformatics -Original Message- From: cprs-develop [mailto:[EMAIL PROTECTED] Sent: Thursday, January 08, 2004 2:33 PM To: [EMAIL PROTECTED] Subject: Enabling SSL on specific URLs using IIS and Tomcat Importance: High Hello All: I am running Apache Tomcat 4.1.27, with IIS 5.0 on Windows 2000 Professional configured to serve the JSP pages using the ISAPI redirector. I have also configured SSL support using the Windows IIS management console. Currently JSP pages can be accessed using the http://SomeHost/SomeDirectory or https://SomeHost/SomeDirectory URL. I am trying to specify URLs that should be available only through SSL. For this, I have added the security-constraint section in web.xml for the relevant webapp directory. web-app . . . . . /welcome-file-list !-- All resources under the /SSL directory should only be available via SSL -- security-constraint web-resource-collection web-resource-nameSSL/web-resource-name url-pattern/SSL/*/url-pattern /web-resource-collection user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint /web-app Now, when I try to access the resources under the /SSL directory, (using http or https) IIS gives me a Page not found error message. However, if I disable IIS and run Tomcat independently, directory security is enabled, and everything works fine, i.e., if I use http://SomeHost/webapp/SSL, it automatically redirects to https://SomeHost/webapp/SSL. I found an earlier thread (http://mikal.org/interests/java/tomcat/archive/view?mesg=44502) which mentions that the ISAPI redirector may be to blame, but I am not sure if it applies in this scenario. Any help would be greatly appreciated. Thanks, Vic - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Enabling SSL on specific URLs using IIS and Tomcat
Hi: That's what I have been trying to do. If you can recommend any alternate method to allow only https access to secure URLs, I would greatly appreciate it. Thanks, Vic -Original Message- From: Shapira, Yoav [mailto:[EMAIL PROTECTED] Sent: Thursday, January 08, 2004 2:38 PM To: Tomcat Users List Subject: RE: Enabling SSL on specific URLs using IIS and Tomcat Howdy, Almost certainly the ISAPI Redirector's fault, since as you mention Tomcat works fine by itself. What if you only allow https access to secure URLs? Yoav Shapira Millennium ChemInformatics -Original Message- From: cprs-develop [mailto:[EMAIL PROTECTED] Sent: Thursday, January 08, 2004 2:33 PM To: [EMAIL PROTECTED] Subject: Enabling SSL on specific URLs using IIS and Tomcat Importance: High Hello All: I am running Apache Tomcat 4.1.27, with IIS 5.0 on Windows 2000 Professional configured to serve the JSP pages using the ISAPI redirector. I have also configured SSL support using the Windows IIS management console. Currently JSP pages can be accessed using the http://SomeHost/SomeDirectory or https://SomeHost/SomeDirectory URL. I am trying to specify URLs that should be available only through SSL. For this, I have added the security-constraint section in web.xml for the relevant webapp directory. web-app . . . . . /welcome-file-list !-- All resources under the /SSL directory should only be available via SSL -- security-constraint web-resource-collection web-resource-nameSSL/web-resource-name url-pattern/SSL/*/url-pattern /web-resource-collection user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint /web-app Now, when I try to access the resources under the /SSL directory, (using http or https) IIS gives me a Page not found error message. However, if I disable IIS and run Tomcat independently, directory security is enabled, and everything works fine, i.e., if I use http://SomeHost/webapp/SSL, it automatically redirects to https://SomeHost/webapp/SSL. I found an earlier thread (http://mikal.org/interests/java/tomcat/archive/view?mesg=44502) which mentions that the ISAPI redirector may be to blame, but I am not sure if it applies in this scenario. Any help would be greatly appreciated. Thanks, Vic - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Enabling SSL on specific URLs using IIS and Tomcat
This is one of the reasons why I like to use Apache in front of Tomcat. It's pretty easy to do with Apache. Not to mention IIS is a bear to get to work under Linux ;) I would imagine there is a similar config for IIS though. Oscar On Thu, 8 Jan 2004, cprs-develop wrote: Hi: That's what I have been trying to do. If you can recommend any alternate method to allow only https access to secure URLs, I would greatly appreciate it. Thanks, Vic -Original Message- From: Shapira, Yoav [mailto:[EMAIL PROTECTED] Sent: Thursday, January 08, 2004 2:38 PM To: Tomcat Users List Subject: RE: Enabling SSL on specific URLs using IIS and Tomcat Howdy, Almost certainly the ISAPI Redirector's fault, since as you mention Tomcat works fine by itself. What if you only allow https access to secure URLs? Yoav Shapira Millennium ChemInformatics -Original Message- From: cprs-develop [mailto:[EMAIL PROTECTED] Sent: Thursday, January 08, 2004 2:33 PM To: [EMAIL PROTECTED] Subject: Enabling SSL on specific URLs using IIS and Tomcat Importance: High Hello All: I am running Apache Tomcat 4.1.27, with IIS 5.0 on Windows 2000 Professional configured to serve the JSP pages using the ISAPI redirector. I have also configured SSL support using the Windows IIS management console. Currently JSP pages can be accessed using the http://SomeHost/SomeDirectory or https://SomeHost/SomeDirectory URL. I am trying to specify URLs that should be available only through SSL. For this, I have added the security-constraint section in web.xml for the relevant webapp directory. web-app . . . . . /welcome-file-list !-- All resources under the /SSL directory should only be available via SSL -- security-constraint web-resource-collection web-resource-nameSSL/web-resource-name url-pattern/SSL/*/url-pattern /web-resource-collection user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint /web-app Now, when I try to access the resources under the /SSL directory, (using http or https) IIS gives me a Page not found error message. However, if I disable IIS and run Tomcat independently, directory security is enabled, and everything works fine, i.e., if I use http://SomeHost/webapp/SSL, it automatically redirects to https://SomeHost/webapp/SSL. I found an earlier thread (http://mikal.org/interests/java/tomcat/archive/view?mesg=44502) which mentions that the ISAPI redirector may be to blame, but I am not sure if it applies in this scenario. Any help would be greatly appreciated. Thanks, Vic - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]