HTTP to HTTPS not redirecting

Wade Trenholm
Greenhorn

Joined: Sep 11, 2008
Posts: 1
I've been working with Tomcat V5.5.23 on a Windows 2003 platform. I've replicated the work on my Windows XP workstation for testing purposes and upgrading purposes.

I've set up my workstation with 3 IP addresses, 4 websites (3 secure, 1 not).
I've modified my hosts file and added:
10.10.1.89 www.TissueMetrix.ca
10.10.1.55 www.GemDatabase.ca
10.10.1.55 www.GemProject.ca
10.10.1.56 www.OCBNTM.ca

I've modified the conf/context.xml to add the database resources required for the 4 databases (didn't seem to work when I put it in the server.xml file).

I've added the site folders under /Tomcat5/conf/Catalina/ (4 of them each with a context.xml and a root.xml file).

My server.xml:
<?xml version="1.0" encoding="UTF-8"?>
<Server>
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/>
<Listener className="org.apache.catalina.storeconfig.StoreConfigLifecycleListener"/>
<Listener className="org.apache.catalina.mbeans.ServerLifecycleListener"/>
<GlobalNamingResources>
<Environment
name="simpleValue"
type="java.lang.Integer"
value="30"/>
<Resource
auth="Container"
description="User database that can be updated and saved"
name="UserDatabase"
type="org.apache.catalina.UserDatabase"
pathname="conf/tomcat-users.xml"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"/>
<Resource
name="TMX17"
type="javax.sql.DataSource"
password="tmetrix"
driverClassName="oracle.jdbc.OracleDriver"
maxIdle="2"
maxWait="5000"
removeAbandoned="true"
logAbandoned="true"
username="tmetrix17"
url="jdbc:oracle:thin:@10.10.1.15:1521:TMX17"
removeAbandonedTimeout="60"
maxActive="0"/>
<Resource
name="SMXTEST"
type="javax.sql.DataSource"
password="smxaimed"
driverClassName="oracle.jdbc.OracleDriver"
maxIdle="2"
maxWait="5000"
removeAbandoned="true"
logAbandoned="true"
username="smxadmin"
url="jdbc:oracle:thin:@10.10.1.18:1521:smxtest"
removeAbandonedTimeout="60"
maxActive="0"/>
</GlobalNamingResources>
<Service name="CATALINA">
<Connector
port="8080"
enableLookups="false"
acceptCount="10"
minSpareThreads="25"
connectionTimeout="20000"
maxSpareThreads="75"
maxThreads="150"
address="localhost">
</Connector>
<Engine name="Catalina" defaultHost="localhost" debug="0">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
debug="0" resourceName="UserDatabase"/>
<Host name="localhost"
appBase="webapps"
unpackWARs="false"
autoDeploy="true"
deployXML="true"
deployOnStartUp="true">
<Valve className="org.apache.catalina.valves.AccessLogValve"
fileDateFormat="yyyy-MM-dd"
prefix="localhost_access_log."
suffix=".txt"/>
</Host>
</Engine>
</Service>
<Service name="TissueMetrix">
<Connector
port="443"
address="10.10.1.89"
minProcessors="5"
maxProcessors="75"
enableLookups="false"
disableUploadTimeout="true"
acceptCount="100"
debug="5"
secure="true"
scheme="https"
clientAuth="false"
sslProtocol="TLS"
keystoreFile="D:\\temp\\....jks"
keystorePass="tomcat">
</Connector>
<Engine name="TissueMetrix" defaultHost="www.TissueMetrix.ca" debug="0">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm" debug="0" resourceName="UserDatabase"/>
<Host name="www.TissueMetrix.ca" debug="0" appBase="webapps/TissueMetrix" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
<Logger className="org.apache.catalina.logger.FileLogger" directory="logs" prefix="TissueMetrix_ca" suffix=".log" timestamp="true"/>
<Context path="" docBase="" debug="0" allowLinking="true"/>
<Listener className="org.apache.catalina.startup.UserConfig" directoryName="public_html" userClass="org.apache.catalina.startup.PasswdUserDatabase"/>
<Alias>TissueMetrix.ca</Alias>
<Valve className="org.apache.catalina.valves.AccessLogValve"
fileDateFormat="yyyy-MM-dd"
prefix="TissueMetrix_access_log."
suffix=".txt"/>
</Host>
</Engine>
</Service>
<Service name="OCBNTissueMetrix">
<Connector
port="443"
address="10.10.1.56"
minProcessors="5"
maxProcessors="75"
enableLookups="false"
disableUploadTimeout="true"
acceptCount="100"
debug="5"
secure="true"
scheme="https"
clientAuth="false"
sslProtocol="TLS"
keystoreFile="D:\\temp\\....jks"
keystorePass="tomcat">
</Connector>
<Engine name="OCBNTissueMetrix" defaultHost="www.OCBNTM.ca" debug="0">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm" debug="0" resourceName="UserDatabase"/>
<Host name="www.OCBNTM.ca" debug="0" appBase="webapps/OCBNTM" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
<Logger className="org.apache.catalina.logger.FileLogger" directory="logs" prefix="OCBNTM_ca" suffix=".log" timestamp="true"/>
<Context path="" docBase="" debug="0" allowLinking="true"/>
<Listener className="org.apache.catalina.startup.UserConfig" directoryName="public_html" userClass="org.apache.catalina.startup.PasswdUserDatabase"/>
<Alias>OCBNTM.ca</Alias>
<Valve className="org.apache.catalina.valves.AccessLogValve"
fileDateFormat="yyyy-MM-dd"
prefix="OCBNTissueMetrix_access_log."
suffix=".txt"/>
</Host>
</Engine>
</Service>
<Service name="GemDatabase">
<Connector
port="443"
address="10.10.1.55"
minProcessors="5"
maxProcessors="75"
enableLookups="false"
disableUploadTimeout="true"
acceptCount="100"
debug="5"
secure="true"
scheme="https"
clientAuth="false"
sslProtocol="TLS"
keystoreFile="D:\\temp\\....jks"
keystorePass="tomcat">
</Connector>
<Engine name="GemDatabase" defaultHost="www.GemDatabase.ca" debug="0">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm" debug="0" resourceName="UserDatabase"/>
<Host name="www.GemDatabase.ca" debug="0" appBase="webapps/GemDatabase" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
<Logger className="org.apache.catalina.logger.FileLogger" directory="logs" prefix="GemDatabase_ca" suffix=".log" timestamp="true"/>
<Context path="" docBase="" debug="0" allowLinking="true"/>
<Listener className="org.apache.catalina.startup.UserConfig" directoryName="public_html" userClass="org.apache.catalina.startup.PasswdUserDatabase"/>
<Alias>GemDatabase.ca</Alias>
<Valve className="org.apache.catalina.valves.AccessLogValve"
fileDateFormat="yyyy-MM-dd"
prefix="GemDatabase_access_log."
suffix=".txt"/>
</Host>
</Engine>
</Service>
<Service name="GemProject">
<Connector
port="80"
address="10.10.1.55"
minProcessors="5"
maxProcessors="75"
enableLookups="false"
disableUploadTimeout="true"
acceptCount="100"
debug="5">
</Connector>
<Engine name="GemProject" defaultHost="www.GemProject.ca" debug="0">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm" debug="0" resourceName="UserDatabase"/>
<Host name="www.GemProject.ca" debug="0" appBase="webapps/GemProject" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
<Logger className="org.apache.catalina.logger.FileLogger" directory="logs" prefix="GemProject_ca" suffix=".log" timestamp="true"/>
<Context path="" docBase="" debug="0" allowLinking="true"/>
<Listener className="org.apache.catalina.startup.UserConfig" directoryName="public_html" userClass="org.apache.catalina.startup.PasswdUserDatabase"/>
<Alias>GemProject.ca</Alias>
<Valve className="org.apache.catalina.valves.AccessLogValve"
fileDateFormat="yyyy-MM-dd"
prefix="GemProject_access_log."
suffix=".txt"/>
</Host>
</Engine>
</Service>
</Server>

One of the web.xml files:
<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version="2.4">

<!--DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 1.2//EN" "http://java.sun.com/j2ee/dtds/web-app_2_2.dtd"-->

<display-name>TissueMetrix Web Application</display-name>
<description>
TissueMetrix Web Application
</description>
<welcome-file-list>
<welcome-file>login.jsp</welcome-file>
</welcome-file-list>

<!-- idautomation 2d barcode servlet. -->
<servlet>
<servlet-name>IDAutomationServlet</servlet-name>
<servlet-class>com.idautomation.datamatrix.IDAutomationServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>IDAutomationServlet</servlet-name>
<url-pattern>/DmatrixServlet</url-pattern>
</servlet-mapping>

<security-constraint>
<web-resource-collection>
<web-resource-name>Entire Application</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<description>Constrain the entire application to force use of HTTPS</description>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>

<security-constraint>
<web-resource-collection>
<web-resource-name>Stylesheets</web-resource-name>
<url-pattern>/styles/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<description>Constrain the /styles folder to force use of HTTP</description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>

</web-app>

Everything works fine if I put https://www.tissuemetrix.ca in the address line - everything is secure as it should be.
What we need it to do, though, is redirect from http://www.tissuemetrix.ca to https://www.tissuemetrix.ca, but something in my connectors is not working correctly.

I've already tried having the site's initial port at 80, with redirect to 443 scheme https and secure = true, but what I get is nothing. The page is displayed as encrypted characters (4), but won't redirect to https.

We don't want to have to tell our clients that they must type https://www.tissuemetrix.ca --> or maybe we'll have to.

We do not have any kind of Proxy server or intermediate server routing requests, only TOMCAT 5.5.23 to do it all.

Any help would be so much appreciated.

Like I said everything is working like a charm except the redirect to the secure port (https).

The server is currently running one site and it redirects fine:
Server.xml
<Service
name="Catalina">

<!-- HTTP Connector-->
<Connector
port="80"
redirectPort="8443"
minSpareThreads="25"
maxThreads="150"
maxSpareThreads="75"
acceptCount="100"
connectionTimeout="20000"
disableUploadTimeout="true">
</Connector>

<!--HTTPS Connector-->

<Connector
port="8443"
minProcessors="5"
maxProcessors="75"
enableLookups="false"
disableUploadTimeout="true"
acceptCount="100"
debug="5"
scheme="https"
secure="true"
clientAuth="false"
sslProtocol="TLS"
keystoreFile="D:\\temp\\....jks"
keystorePass="aimocbn">
</Connector>

<Engine
defaultHost="localhost"
name="Catalina">

Mind you, this is the Catalina Service with only one HTTP and one HTTPS. Maybe with multiple sites I can't.

Please set my mind at ease - I need to know.

Thank you.

[ September 11, 2008: Message edited by: Wade Trenholm ]

OK, here is the solution - so silly of me.
In each of the Service items, there need to be two connectors: one for HTTP (port 80) with redirectPort=443, and then the HTTPS connector on 443, which has all of the scheme = https, secure = true, etc. items.

Thank you though.
[ September 11, 2008: Message edited by: Wade Trenholm ]
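
The fix described above, written out for the TissueMetrix Service as an added example (not part of the original post); the same pair of connectors is repeated in each Service on that Service's own address. The HTTP connector's attributes other than port, address and redirectPort are assumptions borrowed from the connectors shown in the post.

```xml
<!-- Added example, not from the original post: one Service, two Connectors. -->
<Service name="TissueMetrix">

  <!-- Plain HTTP listener on the site's own IP. It carries no scheme="https",
       secure="true" or keystore attributes: a connector marked secure is
       treated as already satisfying CONFIDENTIAL, so no redirect is issued.
       redirectPort names the HTTPS connector below. -->
  <Connector
      port="80"
      address="10.10.1.89"
      redirectPort="443"
      enableLookups="false"
      acceptCount="100"
      connectionTimeout="20000"
      disableUploadTimeout="true"/>

  <!-- HTTPS listener, attributes as posted (keystore path elided in the post). -->
  <Connector
      port="443"
      address="10.10.1.89"
      enableLookups="false"
      disableUploadTimeout="true"
      acceptCount="100"
      secure="true"
      scheme="https"
      clientAuth="false"
      sslProtocol="TLS"
      keystoreFile="D:\\temp\\....jks"
      keystorePass="tomcat"/>

  <!-- Engine and Host as in the post (Logger and UserConfig listener omitted here). -->
  <Engine name="TissueMetrix" defaultHost="www.TissueMetrix.ca">
    <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
           resourceName="UserDatabase"/>
    <Host name="www.TissueMetrix.ca" appBase="webapps/TissueMetrix"
          unpackWARs="true" autoDeploy="true">
      <Alias>TissueMetrix.ca</Alias>
      <Context path="" docBase="" allowLinking="true"/>
      <Valve className="org.apache.catalina.valves.AccessLogValve"
             fileDateFormat="yyyy-MM-dd"
             prefix="TissueMetrix_access_log."
             suffix=".txt"/>
    </Host>
  </Engine>
</Service>
```

With this in place, the CONFIDENTIAL transport-guarantee in the application's web.xml is what triggers the redirect from port 80 to port 443; the /styles/* constraint with NONE stays reachable over plain HTTP.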
 