On 5/1/07, Mike Grandmaison <[EMAIL PROTECTED]> wrote:
Unfortunately I can't do a port forward at the os level. My environment is on a shared server. Many domains are setup on the machine - all of course for port 80/443. At the os level can I determine that the request was for a certain domain and forward to a different port based on that domain?
No you can't. I think the way the hosting company has it
setup is that multiple domains are mapping to one ip - though it might be a slightly different setup. The requests then all go to the one box where apache is sitting in front and using connectors to direct the requests to the particular instance of tomcat ( in the case of the ssl request it is decrypting the request and directing them).
Indeed. The reqeusts are decrspted. They _need_ to be decrypted, otherwise there is no way to know what host they need to be handled by.
My issue is that in Tomcat I want to have any http request redirected to https. mod_proxy creates an infinite loop in this situation since apache turns the https into http and tomcat thinks it needs to redirect. mod_jk handles this properly and is able to pass extra heuristics to tomcat but for some reason creates a massive performance problem. Rather than figure out why mod_jk is creating this performance problem I was hoping there was someway just to have apache send the ssl on.... seems like I am stuck either switching to a dedicated machine and removing apache from the equation or figureing out the problem with mod_jk.
If you really want to forward the SSL stream unmodified to a tomcat host you will indeed need at least a dedicated IP, and a port forward. But why do you want tomcat to handle SSL? I usually try to avoid having to configure SSL in backend servers, as apache handles SSL just fine. Krist -- [EMAIL PROTECTED] Bremgarten b. Bern, Switzerland -- A: It reverses the normal flow of conversation. Q: What's wrong with top-posting? A: Top-posting. Q: What's the biggest scourge on plain text email discussions? --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
