英文:
Tomcat request URL
问题
我们在托管在Tomcat服务器上的Java Web应用程序中遇到了问题。
Tomcat实例的运行配置如下:
<Connector port="8090" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
在应用程序中,链接使用getContextPath方法,该方法返回诸如:
http://localhost:8090/webapp
然而,当通过外部访问(Netscaler重定向到服务器和端口8090)应用程序时,使用以下URL在HTTPS端口上查询,例如https://public.domain.com/webapp,将返回以下链接:
http://public.domain.com:80/webapp/...
该链接是使用StrutsLinkTool的setAction()方法生成的
https://velocity.apache.org/tools/1.2/struts/StrutsLinkTool.html
这导致某些浏览器将我们的表单视为不安全。我正在尝试弄清楚如何使Tomcat将公共HTTPS域返回为基本URL。我正在尝试在Tomcat文档中找出基本请求URL的配置方式,以及是否可以进行自定义?
我猜合适的解决方案是在Tomcat前面放置一个Apache服务器,但我想知道是否有更简单的方法来管理,例如修改Tomcat的server.xml文件。
英文:
We have an issue with java web application hosted on a tomcat server.
The tomcat instance runs on with the following setting:
<Connector port="8090" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
In the application, links use getContextPath method, which returns links such as:
http://localhost:8090/webapp
However, when accessed by outside (Netscaler redirection to server and port 8090), the application, when queried on the HTTPS port with URL such as https://public.domain.com/webapp, will returns following links:
http://public.domain.com:80/webapp/...
The link is generated using StrutsLinkTool setAction() method
https://velocity.apache.org/tools/1.2/struts/StrutsLinkTool.html
It is creating issue with our forms treated as unsafe by certain browsers.
I am trying to figure out how I can get tomcat to return the publics https domain as base URL. I am trying to find out in the tomcat documentation how the base request URL is configured and if it can be customized?
I guess the proper solution would be to front tomcat with an apache server but I wonder if there is a simpler way to manage but modifying tomcat's server.xml file
答案1
得分: 1
在 Connector 中添加 secure="true"。如文档所述:
如果您希望对通过此Connector接收的请求调用
request.isSecure()返回true,请将此属性设置为true。您可能希望在SSL Connector上或从SSL加速器(如加密卡、SSL设备或甚至Web服务器)接收数据的非SSL连接器上使用此选项。默认值为false。
由于您的Netscaler处理SSL加密并将未加密的请求转发给Tomcat,它充当了"SSL accelerator"。
结果将是生成的URL将使用https:。
英文:
Add secure="true" to the Connector. As the documentation says:
> Set this attribute to true if you wish to have calls to request.isSecure() to return true for requests received by this Connector. You would want this on an SSL Connector or a non SSL connector that is receiving data from a SSL accelerator, like a crypto card, an SSL appliance or even a webserver. The default value is false.
Since your Netscaler is handling the SSL encryption and forwarding the requests un-encrypted to Tomcat, it acts as the "SSL accelerator".
The result will be that generated URLs with use https:.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论