18 Apr
2011
18 Apr
'11
2:01 p.m.
On 04/18/2011 01:28 PM, lists(a)yhmail.de wrote:
Hello again,
we are running a tomcat-server "behind" an apache-server. In order to
redirect the request we use the following configuration:
<VirtualHost *:80>
ServerName www.my-domain.de
ServerAlias my-domain.de
Redirect permanent / https://www.my-domain.de/
</VirtualHost>
<VirtualHost *:443>
ServerName www.my-domain.de
SSLEngine On
SSLProxyEngine On
SSLCertificateFile /etc/apache2/ssl/my-domain.crt
SSLCertificateKeyFile /etc/apache2/ssl/my-domain.key
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
Redirect / /xwikiv2/
ProxyPass /xwikiv2 http://localhost:8080/xwikiv2
ProxyPassReverse /xwikiv2 http://localhost:8080/xwikiv2
ProxyPreserveHost On
</VirtualHost>
So all communication should be encrypted and the user should
immediately be redirected to the wiki.
With these settings we encounter a strange behaviour. For example the
Blog refuses to create a new category (see: [xwiki-users] Server not
responding when creating a new Blog-Category). If I point my browser
directly to my-domain.de:8080 I can create categories.
Is the config file correct? Is there a better way?
I think this is caused by the fact that the container (Tomcat) doesn't
know the connection is secure (HTTPS) and tries to generate absolute
URLs pointing to http instead of https. I don't know how to forward the
information that the connection is secure from httpd to tomcat, but this
could be a good starting point into fixing the problem.
--
Sergiu Dumitriu
http://purl.org/net/sergiu/