I am working on a JBoss, CAS, Apache implementation for a state project and I'm seeing weird behavior that I cannot seem to resolve. I'm ultimately using Tomcat 5.5 but the hacked version JBoss has fixed up.
Anyhow, I'll try to identify my architecture and then see if anyone knows why the 8443 connector directives, scheme and secure are being ignored. Presentation and Business servers host SOA applications and the UI applications, on presentation (if SOA using both servers) or business (if non-SOA, single WAR) may have a CAS servlet filter. CAS is deployed on JBoss 4.2.2 (Tomcat 5.5) on the presentation server. The presentation server hosts Apache 2.2 first and then the /cas virtual is ProxyPass to the ajp 1.3 connector (mod_proxy_ajp) through port 8009 and ultimately redirected to the 8443 connector for the CAS web application. When the /cas/login is called Apache redirects to the 8443 connector because the page comes up beautifully, but ... the results are plain-text HTTP. I've tried using mod_jk as well with Apache and the workers.properties file, but I've come to realize that the problem lies in the fact that the 8443 Coyote connector's directives for scheme and secure must be ignored. I've seen other posts where it's been determined that ServletRequest.getScheme() might return "http". I've not tested this myself. When I first began my implementation of CAS here, HTTPS worked probably because I was using the :8443 port with the URL directly. As time went by, my attention was on other things and now after implementations are using Apache and reverse proxy to hide URLs and secure things more, HTTPS has left the building. Any help here would be appreciated. And, if this should be addressed on the dev list, let me know. I thought I would start here. Thanks David Whitehurst --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
