On 7/23/2016 2:57 PM, Christopher Schultz wrote: > Paul, > > On 7/23/16 8:39 AM, Paul Roubekas wrote: > > http://www.myDomain.com gets me to Tomcat where my ROOT webapp is > > deployed. Thank you very much!!! > > > A few things that still need correction... > > > Not all my webpages/servlets are https, just one is https. > > No problem. You'll need an HTTPS and HTTP listener in httpd, which it > seems you already have working. > > > I can navigate to any page on the site, except the https page, and > > the prefix stays at http://. > > Good. > > > But once I hit the https page/servlet two things happen: 1) The > > prefix stays at https:// for any other page in the site, even > > though the other pages were severed up as http:// in the past. > > That's generally because your pages are using relative links, which > preserve the protocol. Is this a problem? Or do you just want to > understand why it's not reverting back to HTTP when HTTPS is not needed? I would like to fix it. > > > 2) The port number 8443 now shows in the address bar and does not > > go away. What still needs to be done to fix the above two issues.? > > If the port number shows 8443 then the proxying isn't quite set up > correctly. Since you are using httpd, you are probably using port 443 > for HTTPS traffic. I'm not quite sure how TomEE does configuration, > but I suspect it's quite similar to Tomcat. For Tomcat, you'd have a > configuration containing a <Connector> which has all kinds of > attributes on it. Specifically, there will be one called > "redirectPort". By default, that value is set to "8443" because > Tomcat's default HTTPS port is 8443. Since you are using httpd, you'll > want to change redirectPort to "443". That should stick you to httpd > instead of having TomEE serve the requests over port 8443.
These are the three <Connector> XML configuration elements in my server.xml for Tomee <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" xpoweredBy="false" server="Apache TomEE" proxyName="www.myDomain.com" proxyPort="80" /> <Connector port="8443" maxHttpHeaderSize="8192" protocol="org.apache.coyote.http11.Http11Protocol" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" SSLEnabled="true" scheme="https" secure="true" keyAlias="server" keystoreFile="[redacted]" keystorePass="[redacted]" clientAuth="false" sslProtocol="TLS" xpoweredBy="false" server="Apache TomEE" proxyName="www.myDomain.com" proxyPort="80"/> <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" proxyName="www.myDomain.com" proxyPort="80"/> > > BTW if you aren't using TomEE for HTTPS directly, you can remove that > <Connector> entirely. If you are using AJP to proxy from httpd -> > TomEE, then you need no other connectors besides the AJP one. It will > make your TomEE configuration simpler, use fewer resources, and cause > less confusion (like what was happening above, because TomEE was > handling the requests, not httpd). > > > Later, after the above is fixed, I will be adding Bugzilla and > > phpBB to the Fedora 23 server. I am assuming phpBB and Bugzilla > > don't support ajp, and/or I don't need the ajp protocol. Is that > > correct? AJP is just for Tomcat? > > AJP actually stands for Apache JServ Protocol, which was invented > solely for the purposes of proxying to Java-based application servers. > It's mostly outlived its usefulness, but there are some of us die-hard > fans out there that simply can't live without mod_jk and all the great > things is provides. mod_proxy has been playing catch-up with mod_jk > for a very long time, and they are closing-in on feature parity. But > not quite yet :) > > > Since the below questions are off topic I will not be hurt if they > > are not answered. I will go on to another internet search. The > > https configurations for phpBB and Bugzilla will just be... > > > For phpBB: ProxyPass /bb http://localhost:80/bb ProxyPassReverse > > /bb http://localhost:80/bb > > Are you running a separate server for phpBB? Typically, you'll just > use an Alias to point a particular URL space to your disk, and use > mod_php to run the scripts directly: > > Alias /bb /path/to/phpBB Let give that a try and get back with you. > > > For Bugzilla: ProxyPass /tt http://localhost:80/tt ProxyPassReverse > > /tt http://localhost:80/tt > > Same here: > > Alias /tt /path/to/bugzilla > > For Bugzilla specifically, you'll need to enable cgi-bin capabilities > on that directory. Read the Bugzilla configuration reference for how > to enable it. You'll end up with something like this: > > Alias /tt /path/to/bugzilla > RedirectMatch ^/tt$ /tt/index.cgi > <Directory "/path/to/bugzilla"> > Order allow,deny > Allow from all > > Options +ExecCGI > AllowOverride None > > AddHandler cgi-script .cgi > > DirectoryIndex index.cgi > > .. probably some authentication configuration, here, too .. > .. maybe IP- or LDAP-based restrictions, etc. .. > </Directory> > Thanks for answering this. > Hope that helps, > -chris Hope to return the favor some day :-)
signature.asc
Description: OpenPGP digital signature