I installed a reverse proxy apache server which handles the SSL encryption for a tomcat. We have a struts web application, and everytime we use response.sendRedirect()
, the application falls back into the normal HTTP protocol instead of staying at HTTPS. The application has to run with both protocols, and I can't handle SSL over the tomcat container.
I can use HTTPS and navigate around through links and actions. But if I come to an action that uses redirect, it will be only HTTP. Why is that so?
SSLProxyEngine [off|on] # (Differs between the ssl and the other normal conf)
ProxyPreserveHost On
ProxyPass / http://mysite:1234/
ProxyPassReverse / http://mysite:1234/
This is my config. I thought about switching the http
to https
in the ssl config but that leads to this:
Bad Gateway
The proxy server received an invalid response from an upstream server. Additionally, a 502 Bad Gateway error was encountered while trying to use an ErrorDocument to handle the request.
How can I get the redirects to stick to HTTPS?
Best Answer
If sendRedirect uses a relative path, Tomcat will add absolute elements including scheme (http/https) and servername.
Scheme will default to http unless you override it. The servername will come from the host header which you've carefully passed already.
I had the same problem and used a new Tomcat connector (along side the existing one) on a separate port which overrides the scheme and sets the port for good measure:
Then in Apache, the SSL virtual host has:
The plain HTTP virtual host continues to use the existing Connector port (8080)
Alternatively, you could hard code the redirect location when calling sendRedirect() but this is obviously inflexible.