I've been working with
Tomcat V5.5.23 on a Windows 2003 platform. I've replicated the work on my Windows XP workstation for
testing purposes and upgrading purposes.
I've setup my workstation with 3 IP addresses, 4 websites (3 secure, 1 not).
I've modified my hosts file and added:
10.10.1.89
www.TissueMetrix.ca 10.10.1.55
www.GemDatabase.ca 10.10.1.55
www.GemProject.ca 10.10.1.56
www.OCBNTM.ca I've modified the conf/context.xml to add the database resources required for the 4 databases (didn't seem to work when I put it in the server.xml file.
I've added the site folders under /Tomcat5/conf/Catalina/ (4 of them each with a context.xml and a root.xml file).
My server.xml:
<?xml version="1.0" encoding="UTF-8"?>
<Server>
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/>
<Listener className="org.apache.catalina.storeconfig.StoreConfigLifecycleListener"/>
<Listener className="org.apache.catalina.mbeans.ServerLifecycleListener"/>
<GlobalNamingResources>
<Environment
name="simpleValue"
type="java.lang.Integer"
value="30"/>
<Resource
auth="Container"
description="User database that can be updated and saved"
name="UserDatabase"
type="org.apache.catalina.UserDatabase"
pathname="conf/tomcat-users.xml"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"/>
<Resource
name="TMX17"
type="javax.sql.DataSource"
password="tmetrix"
driverClassName="oracle.jdbc.OracleDriver"
maxIdle="2"
maxWait="5000"
removeAbandoned="true"
logAbandoned="true"
username="tmetrix17"
url="jdbc:oracle:thin:@10.10.1.15:1521:TMX17"
removeAbandonedTimeout="60"
maxActive="0"/>
<Resource
name="SMXTEST"
type="javax.sql.DataSource"
password="smxaimed"
driverClassName="oracle.jdbc.OracleDriver"
maxIdle="2"
maxWait="5000"
removeAbandoned="true"
logAbandoned="true"
username="smxadmin"
url="jdbc:oracle:thin:@10.10.1.18:1521:smxtest"
removeAbandonedTimeout="60"
maxActive="0"/>
</GlobalNamingResources>
<Service name="CATALINA">
<Connector
port="8080"
enableLookups="false"
acceptCount="10"
minSpareThreads="25"
connectionTimeout="20000"
maxSpareThreads="75"
maxThreads="150"
address="localhost">
</Connector>
<Engine name="Catalina" defaultHost="localhost" debug="0">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
debug="0" resourcName="UserDatabase"/>
<Host name="localhost"
appBase="webapps"
unpackWARs="false"
autoDeploy="true"
deployXML="true"
deployOnStartUp="true">
<Valve className="org.apache.catalina.valves.AccessLogValve"
fileDateFormat="yyyy-MM-dd"
prefix="localhost_access_log."
suffix=".txt"/>
</Host>
</Engine>
</Service>
<Service name="TissueMetrix">
<Connector
port="443"
address="10.10.1.89"
minProcessors="5"
maxProcessors="75"
enableLookups="false"
disableUploadTimeout="true"
acceptCount="100"
debug="5"
secure="true"
scheme="https"
clientAuth="false"
sslProtocol="TLS"
keystoreFile="D:\\temp\\....jks"
keystorePass="tomcat">
</Connector>
<Engine name="TissueMetrix" defaultHost="www.TissueMetrix.ca" debug="0">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm" debug="0" resourcName="UserDatabase"/>
<Host name="www.TissueMetrix.ca" debug="0" appBase="webapps/TissueMetrix" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
<Logger className="org.apache.catalina.logger.FileLogger" directory="logs" prefix="TissueMetrix_ca" suffix=".log" timestamp="true"/>
<Context path="" docBase="" debug="0" allowLinking="true"/>
<Listener className="org.apache.catalina.startup.UserConfig" directoryName="public_html" userClass="org.apache.catalina.startup.PasswdUserDatabase"/>
<Alias>TissueMetrix.ca</Alias>
<Valve className="org.apache.catalina.valves.AccessLogValve"
fileDateFormat="yyyy-MM-dd"
prefix="TissueMetrix_access_log."
suffix=".txt"/>
</Host>
</Engine>
</Service>
<Service name="OCBNTissueMetrix">
<Connector
port="443"
address="10.10.1.56"
minProcessors="5"
maxProcessors="75"
enableLookups="false"
disableUploadTimeout="true"
acceptCount="100"
debug="5"
secure="true"
scheme="https"
clientAuth="false"
sslProtocol="TLS"
keystoreFile="D:\\temp\\....jks"
keystorePass="tomcat">
</Connector>
<Engine name="OCBNTissueMetrix" defaultHost="www.OCBNTM.ca" debug="0">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm" debug="0" resourcName="UserDatabase"/>
<Host name="www.OCBNTM.ca" debug="0" appBase="webapps/OCBNTM" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
<Logger className="org.apache.catalina.logger.FileLogger" directory="logs" prefix="OCBNTM_ca" suffix=".log" timestamp="true"/>
<Context path="" docBase="" debug="0" allowLinking="true"/>
<Listener className="org.apache.catalina.startup.UserConfig" directoryName="public_html" userClass="org.apache.catalina.startup.PasswdUserDatabase"/>
<Alias>OCBNTM.ca</Alias>
<Valve className="org.apache.catalina.valves.AccessLogValve"
fileDateFormat="yyyy-MM-dd"
prefix="OCBNTissueMetrix_access_log."
suffix=".txt"/>
</Host>
</Engine>
</Service>
<Service name="GemDatabase">
<Connector
port="443"
address="10.10.1.55"
minProcessors="5"
maxProcessors="75"
enableLookups="false"
disableUploadTimeout="true"
acceptCount="100"
debug="5"
secure="true"
scheme="https"
clientAuth="false"
sslProtocol="TLS"
keystoreFile="D:\\temp\\....jks"
keystorePass="tomcat">
</Connector>
<Engine name="GemDatabase" defaultHost="www.GemDatabase.ca" debug="0">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm" debug="0" resourceName="UserDatabase"/>
<Host name="www.GemDatabase.ca" debug="0" appBase="webapps/GemDatabase" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
<Logger className="org.apache.catalina.logger.FileLogger" directory="logs" prefix="GemDatabase_ca" suffix=".log" timestamp="true"/>
<Context path="" docBase="" debug="0" allowLinking="true"/>
<Listener className="org.apache.catalina.startup.UserConfig" directoryName="public_html" userClass="org.apache.catalina.startup.PasswdUserDatabase"/>
<Alias>GemDatabase.ca</Alias>
<Valve className="org.apache.catalina.valves.AccessLogValve"
fileDateFormat="yyyy-MM-dd"
prefix="GemDatabase_access_log."
suffix=".txt"/>
</Host>
</Engine>
</Service>
<Service name="GemProject">
<Connector
port="80"
address="10.10.1.55"
minProcessors="5"
maxProcessors="75"
enableLookups="false"
disableUploadTimeout="true"
acceptCount="100"
debug="5">
</Connector>
<Engine name="GemProject" defaultHost="www.GemProject.ca" debug="0">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm" debug="0" resourceName="UserDatabase"/>
<Host name="www.GemProject.ca" debug="0" appBase="webapps/GemProject" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
<Logger className="org.apache.catalina.logger.FileLogger" directory="logs" prefix="GemProject_ca" suffix=".log" timestamp="true"/>
<Context path="" docBase="" debug="0" allowLinking="true"/>
<Listener className="org.apache.catalina.startup.UserConfig" directoryName="public_html" userClass="org.apache.catalina.startup.PasswdUserDatabase"/>
<Alias>GemProject.ca</Alias>
<Valve className="org.apache.catalina.valves.AccessLogValve"
fileDateFormat="yyyy-MM-dd"
prefix="GemProject_access_log."
suffix=".txt"/>
</Host>
</Engine>
</Service>
</Server>
One of the web.xml files:
<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4">
<!--DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 1.2//EN" "http://java.sun.com/j2ee/dtds/web-app_2_2.dtd"-->
<display-name>TissueMetrix Web Application</display-name>
<description>
TissueMetrix Web Application
</description>
<welcome-file-list>
<welcome-file>login.jsp</welcome-file>
</welcome-file-list>
<!-- idautomation 2d barcode
servlet. -->
<servlet>
<servlet-name>IDAutomationServlet</servlet-name>
<servlet-class>com.idautomation.datamatrix.IDAutomationServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>IDAutomationServlet</servlet-name>
<url-pattern>/DmatrixServlet</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>Entire Application</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<description>Constrain the entire application to force use of HTTPS</description>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Stylesheets</web-resource-name>
<url-pattern>/styles/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<description>Constrain the /styles folder to force use of HTTP</description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
</web-app>
Everything works fine if I put
https://www.tissuemetrix.ca in the address line - everything is secure as it should be.
What we need it to do though is redirect from
http://www.tissuemetrix.ca to
https://www.tissuemetrix.ca, but something in my connector's is not working correctly.
I've already tried having the sites initial port at 80, with redirect to 443 scheme https and secure = true, but what I get is nothing. The page is displayed as encrypted characters (4), but won't redirect to https.
We don't want to have to tell our clients that they must type
https://www.tissuemetrix.ca --> or maybe we'll have to.
We do not have any kind of Proxy server or intermediate server routing requests, only TOMCAT 5.5.23 to do it all.
Any help would be so much appreciated.
Like I said everything is working like a charm except the redirect to the secure port (https).
The server is currently running one site and it redirects fine:
Server.xml
<Service
name="Catalina">
<!-- HTTP Connector-->
<Connector
port="80"
redirectPort="8443"
minSpareThreads="25"
maxThreads="150"
maxSpareThreads="75"
acceptCount="100"
connectionTimeout="20000"
disableUploadTimeout="true">
</Connector>
<!--HTTPS Connector-->
<Connector
port="8443"
minProcessors="5"
maxProcessors="75"
enableLookups="false"
disableUploadTimeout="true"
acceptCount="100"
debug="5"
scheme="https"
secure="true"
clientAuth="false"
sslProtocol="TLS"
keystoreFile="D:\\temp\\....jks"
keystorePass="aimocbn">
</Connector>
<Engine
defaultHost="localhost"
name="Catalina">
Mind you, this is the Catalina Service with only one HTTP and one HTTPS. Maybe with multiple sites I can't.
Please set my mind at ease - I need to know.
Thank you.
[ September 11, 2008: Message edited by: Wade Trenholm ]
OK, here is the solution - so silly of me.
In each of the Service items, there needs to be two connectors, one for the http (port 80) which redirectPort=443 and then the https connector on 443 which has all of the scheme = https, secure = true, etc items.
Thank you though.
[ September 11, 2008: Message edited by: Wade Trenholm ]