I ended up setting up an instance of Sun's web server instead of trying to
use Apache and everything seems to be working now.
Example of what I was trying to do was
1) Deploy an EAR with two url's
http://<server>/index.jsp
http://<server>/ssl/index.jsp
The root page had one link pointed to the path ssl/index.jsp
The WEB.xml has a security constraint that requires the ssl url to
require ssl
<security-constraint>
<display-name>SSL Constraint</display-name>
<web-resource-collection>
<web-resource-name>ssl</web-resource-name>
<description/>
<url-pattern>/ssl/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>HEAD</http-method>
<http-method>PUT</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<user-data-constraint>
<description/>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
</web-app>
With apache when the link was selected for the ssl/index.jsp the port
changed but the protocol did not
With SJSWS when the link was selected both port and protocol changed.
Kshitiz Saxena wrote:
>
> Hi,
>
> Below setting should be sufficient to handle redirection.
>
> Can you provide exact details on what you want to achieve? Examples will
> be helpful.
>
> Also provide wireshark traces at application server instance.
>
> Thanks,
> Kshitiz
>
> JSolanu wrote:
>> Both are set at the HTTP Service level of the cluster configuration. Is
>> there some other setting that needs to be set to to tell the server that
>> 443
>> requires SSL?
>>
>> The HTTP listeners are setup as follows
>>
>> HTTP Service:
>> Properties:
>> proxyHandler=com.sun.enterprise.web.ProxyHandlerImpl
>> authPassthroughEnabled=true
>>
>> http-listener-1
>> Listener: Enabled
>> Security: Disabled
>> Network Address: 0.0.0.0
>> Listener Port: ${HTTP_LISTENER_PORT}
>> Default Virtual Server: server
>> Redirect Port: 443
>> Acceptor Threads: 1
>> Powered By: Enabled
>> Blocking Disabled
>> Properties
>> proxiedProtocols: ws/tcp
>>
>> http-listener-2
>> Listener: Enabled
>> Security: Enabled
>> Network Address: 0.0.0.0
>> Listener Port: ${HTTP_SSL_LISTENER_PORT}
>> Default Virtual Server: server
>> Redirect Port:
>> Acceptor Threads: 1
>> Powered By: Enabled
>> Blocking Disabled
>> Properties: None
>>
>>
>>
>>
>>
>> Kshitiz Saxena wrote:
>>
>>> Hi,
>>>
>>> Have you set both authPassthroughEnabled and proxyHandler? If not, then
>>> please set them to "true" and "com.sun.enterprise.web.ProxyHandlerImpl"
>>> respectively at http-service or http-listener level.
>>>
>>> Thanks,
>>> Kshitiz
>>>
>>> JSolanu wrote:
>>>
>>>> I'm attempting to configure the load balancer plug in for apache, it
>>>> seems to
>>>> be working for http traffic but if I goto a page that required HTTPS
>>>> the
>>>> port changes to 443 but the protocol remains HTTP.
>>>>
>>>> I found some information at the following site which seems to indicate
>>>> that
>>>> if authPassthroughEnabled is true on the HTTP Service and
>>>> rewrite-location
>>>> is true on the load balancer configuration it should be changing the
>>>> protocol from HTTP to HTTPS but it doesn't seem to be working. The
>>>> redirect
>>>> port on http-listener-1 is set to 443, HTTPS Routing is set to false in
>>>> the
>>>> load balancer configuration.
>>>>
>>>> http://docs.sun.com/app/docs/doc/820-4341/abdgs?a=view
>>>>
>>>>
>>>> Anyone have any ideas on what I might be missing to allow the 443
>>>> redirect
>>>> to also change the protocol? The build options and loadbalancer.xml
>>>> configuration I'm using are below.
>>>>
>>>>
>>>> Using aslb-9.1.1-b13.jar
>>>> Installed with instructions on
>>>> http://blogs.sun.com/kshitiz/entry/load_balancer_plugin_in_glassfish
>>>> Apache 2.2
>>>> export CFLAGS=-m32
>>>> export CPPFLAGS=-m32
>>>> ./configure --with-ssl=/apps/openssl-0.9.8k --prefix=/apps/apache
>>>> --enable-ssl -enable-so --enable-rewrite --enable-proxy
>>>> --enable-proxy-balancer --enable-proxy-ajp --enable-rewrite
>>>> --enable-proxy-http --enable-http --enable-dav --enable-headers
>>>> --enable-mods-shared=all --with-included-apr
>>>> Glassfish v2.1
>>>> Installed to /apps/glassfish
>>>> Openssl 0.9.8k
>>>> ./Configure linux-elf -m32 --openssldir=/apps/openssl-0.9.8k shared
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> <?xml version="1.0" encoding="UTF-8"?>
>>>> <!DOCTYPE loadbalancer PUBLIC "-//Sun Microsystems Inc.//DTD Sun Java
>>>> System
>>>> Application Server 9.1//EN" "sun-loadbalancer_1_2.dtd">
>>>> <loadbalancer>
>>>> <cluster name="MyAppCluster" policy="round-robin">
>>>> <instance disable-timeout-in-minutes="30" enabled="true"
>>>> listeners="http://my.domain.com:11010 https://my.domain.com:11011"
>>>> name="app01" weight="100"/>
>>>> <instance disable-timeout-in-minutes="30" enabled="true"
>>>> listeners="http://my.domain.com:11020 https://my.domain.com:11021"
>>>> name="app02" weight="100"/>
>>>> <web-module context-root="/app" disable-timeout-in-minutes="30"
>>>> enabled="true"/>
>>>> <health-checker interval-in-seconds="30" timeout-in-seconds="10"
>>>> url="/"/>
>>>> </cluster>
>>>> <property name="response-timeout-in-seconds" value="60"/>
>>>> <property name="reload-poll-interval-in-seconds" value="60"/>
>>>> <property name="https-routing" value="false"/>
>>>> <property name="require-monitor-data" value="true"/>
>>>> <property name="active-healthcheck-enabled" value="false"/>
>>>> <property name="number-healthcheck-retries" value="3"/>
>>>> <property name="rewrite-location" value="true"/>
>>>> </loadbalancer>
>>>> <!--
>>>> This file was generated on: [Sun Oct 25 20:13:40 GMT+00:00 2009].
>>>> Debugging Tips:
>>>> By default, instances and web-modules are not enabled. Please enable
>>>> them
>>>> manually if you have not done that using asadmin.
>>>> -->
>>>>
>>>>
>>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
>>> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>>>
>>>
>>>
>>>
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>
>
>
--
View this message in context: http://www.nabble.com/Load-balancer-not-changing-protocol-to-https-on-https-redirect-tp26052176p26089614.html
Sent from the java.net - glassfish users mailing list archive at Nabble.com.