If you want to go SSL here is an easier way to check for SSL
RewriteEngine On
RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^/secure(.*) https://%{SERVER_NAME}/secure$1 [R,L]
You way also want to look at the P flag to proxy the request.
http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html#rewriteflags
'proxy|P' (force proxy) This flag forces the substitution part to be
internally sent as a proxy request and immediately (rewrite processing stops
here) put through the proxy
module<http://httpd.apache.org/docs/2.2/mod/mod_proxy.html>.
You must make sure that the substitution string is a valid URI (typically
starting with http://*hostname*) which can be handled by the Apache proxy
module. If not, you will get an error from the proxy module. Use this flag
to achieve a more powerful implementation of the
ProxyPass<http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypass>directive,
to map remote content into the namespace of the local server.
Note: mod_proxy <http://httpd.apache.org/docs/2.2/mod/mod_proxy.html> must
be enabled in order to use this flag.
Whic is probably what you wanted from the beginning.
Also if you go André's way, you can do a
Redirect /secure https://yourdomain/secure
that should be faster than rewrite.
~Jorge
On Sat, Aug 1, 2009 at 12:24 PM, André Warnier <a...@ice-sa.com> wrote:
> /U wrote:
>
>> Apache: 2.2.0
>>
>> I need to
>> a) require SSL on requests to /secure (i.e., http://server/secure ->
>> https://server/secure)
>> b) and as the second step, offload (proxy) https://server/secure to
>> http://server:8080/secure
>>
>> I don't know the details, but the following may work :
>
> You may need is 2 <VirtualHost> sections, as follows :
>
> main config :
> Listen *:80
> Listen *:443
>
> ...
> <VirtualHost *:80>
> ...
>
> RewriteEngine On
>> RewriteLog "/tmp/http.log"
>> RewriteLogLevel 9
>> RewriteCond %{SERVER_PORT}!443$
>> RewriteRule ^/secure(.*) https://%{HTTP_HOST}:443/secure$1 [R=301,L]
>>
>> ...
> </VirtualHost>
>
> <VirtualHost *:443>
> .. your proxy stuff ..
> </VirtualHost>
>
> The general idea being :
> - the first VirtualHost acts as the default (and only) host for all
> requests to port 80. If there is a request to /secure, it sends an external
> re-direct to the browser, re-directing it to HTTPS on port 443
> - the second VirtualHost acts as the default (and only) host on port 443.
> It terminates SSL and proxies the requests to your Tomcat (I suppose) via
> HTTP.
> (Note that you could also use mod_jk or mod_proxy_ajp there, probably more
> efficiently.)
>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> " from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>
