On 29.04.2016 12:52, Lyallex wrote:
On 29 April 2016 at 08:44, André Warnier (tomcat) <a...@ice-sa.com> wrote:
On 29.04.2016 08:59, Lyallex wrote:
The problem is despite setting the to-type to permanent-redirect I'm
actually getting a 302 temporary-redirect.
I know this is probably off topic but if anyone has any experience of
this I'd be gratefull to hear how you solved it
If this was Apache httpd, a simple solution would be to create 2
VirtualHost's,
- one of which listens only to port 80, and always returns a 301 to HTTPS
- the other one listening only to port 443, and holding your application
There should be a way to do the same with Tomcat.
If not, then thinking a bit laterally :
- set up Tomcat with only a HTTPS Connector and your apps.
- set up Apache httpd with only a HTTP VirtualHost, to return the 301.
The overhead should be negligible, because the Apache httpd could be
minimally configured, if that is the only thing it ever has to do.
And since with a 301, browsers (and Google) should update their links/cache,
it would only catch the first attempts of each client.
And it saves quite a bit of overhead at the Tomcat level, which no longer
has to deal at all with catching HTTP and redirecting it.
Hi, thanks for the suggestion however I'm running tomcat as a
standalone web server
Yes, and you would still continue to do so for anything regarding your
applications.
You would just be setting up a small httpd *on the side*, to handle only the
calls to
http://yourserver/*, and redirect-301 them to https://yourserver/*.
(Think of it as some small black-box appliance which would do just that).
(And it could be any lightweight webserver instead of Apache httpd, like Nginx for
example)(But this is after all an Apache list, so I thought I should stay in the family).
As an advantage to your Tomcat, it would then be free to do only what it does best (serve
your applications, under https:// only) without having to worry about any HTTP,
re-direction, filtering or whatever.
Is there any similar trickery I can do in server.xml (for example).
Well, I looked at the configurations of the Server, Engine, Connectors and Hosts, and it
did not seem evident to me how to do the same. But maybe someone smarter than me
Tomcat-wise will have some idea.
The HTTP redirect part mentioned above as under httpd, could of course also be done by a
second Tomcat instance doing just that (with just the one HTTP Connector). But it seems a
bit of an overkill to start 2 heavy-duty JVM's for such a purpose. Maybe there is a way
of starting 2 Tomcat <Server> entities under the same JVM though..
thanks
lyallex
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
