Instead of using ajp, I would recommend using mod_proxy. I have done that myself with great success. The way I have my stuff set up, I just configure a virtual domain to point to a directory, and create a .htaccess file as such:
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
Of course, alter to match your HTTP ports. In tomcat (which I use), I also edit in server.xml under conf. For the Connector on port 8080, I set the proxyName to match the virtual host, and the proxyPort to 80.
I should add a note that I am using dynamic virtual hosts for my configuration, my sites configuration (I am using debian) under /etc/apache2/sites-available looks as such:
<VirtualHost IP>
Servername yourdomain.com
ServerAlias *.yourdomain.com
UseCanonicalName Off
LogFormat "%V %h %l %u %t \"%r\" %s %b" vcommon
CustomLog /var/www/yourdomain.com/logs/custom.log vcommon
ErrorLog /var/www/yourdomain.com/logs/error.log
TransferLog /var/www/yourdomain.com/logs/access.log
RewriteLog/var/www/yourdomain.com/logs/rewrite.log
RewriteLogLevel 2
VirtualDocumentRoot /var/www/yourdomain.com/sites/%1/html
VirtualScriptAlias /var/www/yourdomain.com/sites/%1/cgi-bin
LogLevel debug
<Directory /var/www/yourdomain.com/sites/>
AllowOverride All
</Directory>
</VirtualHost>
This means that stackoverflow.yourdomain.com will go to /var/www/yourdomain.com/sites/stackoverflow/html
I know you didn't ask for the last part, I just provided it to give a full overview off my setup, and how it fits into the .htaccess file with ProxyPass and ProxyPassReverse
Correct way in new versions of nginx
Turn out my first answer to this question was correct at certain time, but it turned into another pitfall - to stay up to date please check Taxing rewrite pitfalls
I have been corrected by many SE users, so the credit goes to them, but more importantly, here is the correct code:
server {
listen 80;
server_name my.domain.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name my.domain.com;
# add Strict-Transport-Security to prevent man in the middle attacks
add_header Strict-Transport-Security "max-age=31536000" always;
[....]
}
Best Answer
You should look at this blog post on port unification in Glassfish 3. I believe it answers your question for you:
Granted, this solution offers a 302 redirect from only the protocol (e.g. http://blah:8000 to https://blah:8000) as opposed to a direct that changes the protocol and port, but is nifty nonetheless.