If you want to go SSL here is an easier way to check for SSL RewriteEngine On RewriteCond %{HTTPS} !=on [NC] RewriteRule ^/secure(.*) https://%{SERVER_NAME}/secure$1 [R,L]
You way also want to look at the P flag to proxy the request. http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html#rewriteflags 'proxy|P' (force proxy) This flag forces the substitution part to be internally sent as a proxy request and immediately (rewrite processing stops here) put through the proxy module<http://httpd.apache.org/docs/2.2/mod/mod_proxy.html>. You must make sure that the substitution string is a valid URI (typically starting with http://*hostname*) which can be handled by the Apache proxy module. If not, you will get an error from the proxy module. Use this flag to achieve a more powerful implementation of the ProxyPass<http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypass>directive, to map remote content into the namespace of the local server. Note: mod_proxy <http://httpd.apache.org/docs/2.2/mod/mod_proxy.html> must be enabled in order to use this flag. Whic is probably what you wanted from the beginning. Also if you go André's way, you can do a Redirect /secure https://yourdomain/secure that should be faster than rewrite. ~Jorge On Sat, Aug 1, 2009 at 12:24 PM, André Warnier <a...@ice-sa.com> wrote: > /U wrote: > >> Apache: 2.2.0 >> >> I need to >> a) require SSL on requests to /secure (i.e., http://server/secure -> >> https://server/secure) >> b) and as the second step, offload (proxy) https://server/secure to >> http://server:8080/secure >> >> I don't know the details, but the following may work : > > You may need is 2 <VirtualHost> sections, as follows : > > main config : > Listen *:80 > Listen *:443 > > ... > <VirtualHost *:80> > ... > > RewriteEngine On >> RewriteLog "/tmp/http.log" >> RewriteLogLevel 9 >> RewriteCond %{SERVER_PORT}!443$ >> RewriteRule ^/secure(.*) https://%{HTTP_HOST}:443/secure$1 [R=301,L] >> >> ... > </VirtualHost> > > <VirtualHost *:443> > .. your proxy stuff .. > </VirtualHost> > > The general idea being : > - the first VirtualHost acts as the default (and only) host for all > requests to port 80. If there is a request to /secure, it sends an external > re-direct to the browser, re-directing it to HTTPS on port 443 > - the second VirtualHost acts as the default (and only) host on port 443. > It terminates SSL and proxies the requests to your Tomcat (I suppose) via > HTTP. > (Note that you could also use mod_jk or mod_proxy_ajp there, probably more > efficiently.) > > > > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > " from the digest: users-digest-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > >