On 01/07/2010 20:11, John-Paul Ranaudo wrote:
> I wish I could provide more information. At least I have narrowed down
> the problem. I am having a meeting with the architects of both
> frameworks today so perhaps I'll get some details.
Given some examples of URLs that fail, and bits of code/HTML/
I wish I could provide more information. At least I have narrowed down the
problem. I am having a meeting with the architects of both frameworks today
so perhaps I'll get some details.
Thanks.
On Thu, Jul 1, 2010 at 2:54 PM, Pid wrote:
> On 01/07/2010 19:38, John-Paul Ranaudo wrote:
> > I did m
On 01/07/2010 19:38, John-Paul Ranaudo wrote:
> I did more tracing and remote debugging and I was mistaken (too many
> late nights). Each framework is sending us the request via port 80. The
> problem comes from the fact the one of the frameworks uses HTTPS before
> the load balancers so when we se
I did more tracing and remote debugging and I was mistaken (too many late
nights). Each framework is sending us the request via port 80. The problem
comes from the fact the one of the frameworks uses HTTPS before the load
balancers so when we send back a redirect it is using the wrong scheme. HTTP
On 01/07/2010 16:01, John-Paul Ranaudo wrote:
> I am confused no doubt. What you say here is correct:
>
> /"In your description of the issue so far, you've said that the
> application *is* using SSL. The load-balancers might be terminating it
> & forwarding unencrypted connections"/
> /
> /
> /I
I am confused no doubt. What you say here is correct:
*"In your description of the issue so far, you've said that the
application *is* using SSL. The load-balancers might be terminating it
& forwarding unencrypted connections"*
*
*
*I think I understand what you mean by redirecting. Our current
c
On 01/07/2010 14:49, John-Paul Ranaudo wrote:
> That wont work either because like I said before, the application is not
> really using SSL. The SSL is handled by the load balancers.
Either I'm confused, or you are.
In your description of the issue so far, you've said that the
application *is* u
That wont work either because like I said before, the application is not
really using SSL. The SSL is handled by the load balancers. If we use
anything that forces SSL it will fail for the other framework which does not
use SSL.
On Thu, Jul 1, 2010 at 3:59 AM, Pid wrote:
> On 01/07/2010 08:49, J
On 01/07/2010 08:49, John-Paul Ranaudo wrote:
> No we are not.
If the SSL-only resources match a specific path, you can add a
security-constraint which doesn't have user roles, but does have a
transport-guarantee set to 'CONFIDENTIAL'.
The container will automatically upgrade a matching request t
No we are not.
On 7/1/10, Pid wrote:
> On 01/07/2010 03:42, John-Paul Ranaudo wrote:
>> I have now realized the root of the problem. The cause of the problem is
>> that the load balancer will sometimes proxy an HTTPS request as an HTTP
>> request so when we send back a redirect we send it back wi
On 01/07/2010 03:42, John-Paul Ranaudo wrote:
> I have now realized the root of the problem. The cause of the problem is
> that the load balancer will sometimes proxy an HTTPS request as an HTTP
> request so when we send back a redirect we send it back with the wrong
> scheme (HTTP). So here is my
I have now realized the root of the problem. The cause of the problem is
that the load balancer will sometimes proxy an HTTPS request as an HTTP
request so when we send back a redirect we send it back with the wrong
scheme (HTTP). So here is my current configuration:
Port 443 is not really hand
Chris
Sorry for the late reply. While I have not been able to try this yet your
explanations are very clear and I understand better what the options on the
connector mean now. I will give this a try.
Thank you for your reply.
Regards,
John Ranaudo
On Fri, Jun 25, 2010 at 2:22 PM, Christopher
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
John-Paul,
On 6/25/2010 1:40 PM, John-Paul Ranaudo wrote:
> Ok, so I am assuming I do not have to setup SSL (certificates etc) since my
> load balancer is decoding the connection. So even if the load balancer is
> "decoding" the connection I still hav
Thanks for the reply.
Ok, so I am assuming I do not have to setup SSL (certificates etc) since my
load balancer is decoding the connection. So even if the load balancer is
"decoding" the connection I still have to have SSLEnabled="true"? However if
I do, does this not make Tomcat try and decode th
On 25/06/2010 17:56, John-Paul Ranaudo wrote:
> Our environment:
>
> Unix Solaris 5.9
> Tomcat 6.0.26
> JVM 1.6.20
>
> Our application runs in two frameworks. One uses https one does not. I am
> trying to configure the tomcat connectors to work but when I get it working
> in one framework it does
Our environment:
Unix Solaris 5.9
Tomcat 6.0.26
JVM 1.6.20
Our application runs in two frameworks. One uses https one does not. I am
trying to configure the tomcat connectors to work but when I get it working
in one framework it does not work in the other.
*I have been told we do not need to 'ha
17 matches
Mail list logo
