Hello, Filip. Can secure connections be enforced declaratively when using apache/mod_ssl/mod_jk/tomcat? If so, where (and how) can it be done? httpd.conf? server.xml? web.xml? Or does detecting an insecure connection have to be done within the web application? As in... if(!request.isSecure()) response.sendRedirect...
-----Original Message----- From: Filip Hanik [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 29, 2003 18:12 To: Tomcat Users List Subject: RE: apache /mod_ssl/tomcat/struts yes, it will work perfectly without any problems. not sure why you need to change the <location> tag. instead what you will need to do is to setup your jk.properties and mod_jk.conf to forward requests to Tomcat, and the request URL will work fine with struts. we are using struts in our environment, and it looks just like that. Filip -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 29, 2003 5:08 PM To: [EMAIL PROTECTED] Subject: RE: apache /mod_ssl/tomcat/struts Thanks, I hope you don't mind me writing you directly. so, changing apache httpd.conf to use a <location/> of the secure files is what I am having trouble with. If the document is a webpage.do (struts) file and is expected in /dir1/securearea/ , will the mod_jk2 take care of this?? everything just happens or is there some mod_jk2 config I should do? I am using mod_jk2, fyi thanks again Best, Stephen Schaubach -----Original Message----- From: Filip Hanik [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 29, 2003 4:54 PM To: Tomcat Users List Subject: RE: apache /mod_ssl/tomcat/struts Importance: Low the easiest way is: Apache(with mod_ssl) --> mod_jk --> Tomcat with Struts have apache handle all the http/https requests and simple forward them to Tomcat. Filip -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 29, 2003 4:46 PM To: [EMAIL PROTECTED] Subject: apache /mod_ssl/tomcat/struts I'm new to to ssl on three tier, esp. with struts involved does struts or apache need to be configured? I would assume mod_ssl would take into account that a certain document location is secure but since it is not static content coming back from Tomcat, I am uncertain how this would work. any clarification would be appreciated. Best, Stephen Schaubach --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]