Tomcat – embedded tomcat 7 behind iis 7.5 proxy ssl problems

arriis-7.5tomcat

I'm using embedded tomcat 7 behind a iis 7.5 proxy server, with requests being forwarded to tomcat with arr.

Everything works fine unless iis is set to require ssl.

Then things like links that are generated dynamically in .jsp files on tomcat don't work right. For example if a link is supposed to point to https://somewhere.com:443 it will be written as http://somewhere.com:8080 (8080 is the port tomcat is running on).

The problem seems to come from when tomcat looks at itself to build out the url it sees correctly that it is running on http://somewhere.com:8080, but I need it to think otherwise.

Does anybody know how to accomplish this without using ssl between iis and tomcat?

Best Answer

This problem is due to Tomcat not knowing the actual external URL of the application. When the application redirects to a relative URL, the Servlet add the full absolute URL to Location (as required).

If you are using HTTP between IIS and Tomcat, Tomcat thinks you are using HTTP and generates http://... absolute URL.

The solution is not using HTTP (nor HTTPS) between IIS and Tomcat.
You should use AJP13 protocol and the Tomcat-ISAPI Redirector on IIS.
Here is the official Tomcat+IIS how to.

Using Apache as proxy you could use HTTP for proxying, but you need configure Apache's mod_proxy and tell Tomcat it is behind a proxy. Here is a how to on that process.

Best Answer

Related Solutions

Windows 7 IIS 7.5 – Fix HTTP Error 401.3 Unauthorized

Tomcat – Which is more secure: Tomcat standalone or Tomcat behind Apache

Related Topic