Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

url redirect help using ssl

ddvorak
Champ in-the-making
Champ in-the-making

‎06-22-2010 03:08 PM

I am working on installing Alfresco 3.3 community edition using Tomcat6. I would like for users to be able to type https://myserver and get to Alfresco Share login page instead of https://myserver:8443. The latter works perfectly, the user is directed to the login page and can log in using ssl (so I am fairly sure I have the ssl certificate stuff correct). I just can't get the redirect to work without using the port number.

I have looked at both of the following posts and tried following the configurations, installed mod_jk and still - no luck…I guess I need the "dummies" version??  Smiley Indifferent  
http://wiki.alfresco.com/wiki/Deploying_To_Server
http://forums.alfresco.com/en/viewtopic.php?f=14&t=14121

Any help would be greatly appreciated.
Labels:
0 Kudos
3 REPLIES 3

mikeh
Star Contributor
Star Contributor

‎06-22-2010 04:02 PM

Look in Tomcat's conf/server.xml - there should be the port 8443 reference. If your users are going to Tomcat directly (rather than via an Apache Web Server) you can change the port to 443 there.

Thanks,
Mike
0 Kudos

ddvorak
Champ in-the-making
Champ in-the-making

‎06-22-2010 04:26 PM

Thank you for the reply. I apologize in advance for the length of code - following is the server.xml file. I have both the 443 and 8443 ports configured…at one point I had the 8009 port enabled for mod_jk but could not get it to work. I also tried a redirect from port 443 to port 8443 (putting the 443 connector before the 8443 connector and configuring it similar to the port 8080 connector - didn't work…have the feeling I am missing something really simple, but can't for the life of me figure out what. I should also probably add that we have made some modifications to default share pages. The modifications are in the index.jsp file and some of the other template files (probably should not be there…but I figure I can change that once I have other things working) so when I set the appBase at share.war, those files are bypassed - which I don't want. 

<?xml version='1.0' encoding='utf-8'?>
<!–
  Licensed to the Apache Software Foundation (ASF) under one or more
  contributor license agreements.  See the NOTICE file distributed with
  this work for additional information regarding copyright ownership.
  The ASF licenses this file to You under the Apache License, Version 2.0
  (the "License"); you may not use this file except in compliance with
  the License.  You may obtain a copy of the License at

      http://www.apache.org/licenses/LICENSE-2.0

  Unless required by applicable law or agreed to in writing, software
  distributed under the License is distributed on an "AS IS" BASIS,
  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  See the License for the specific language governing permissions and
  limitations under the License.
–>
<!– Note:  A "Server" is not itself a "Container", so you may not
     define subcomponents such as "Valves" at this level.
     Documentation at /docs/config/server.html
 –>
<Server port="8005" shutdown="SHUTDOWN">

  <!–APR library loader. Documentation at /docs/apr.html –>
  <!–
  <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
  –>
  <!–Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html –>
  <Listener className="org.apache.catalina.core.JasperListener" />
  <!– JMX Support for the Tomcat server. Documentation at /docs/non-existent.html –>
  <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" />
  <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />

  <!– Global JNDI resources
       Documentation at /docs/jndi-resources-howto.html
  –>
  <GlobalNamingResources>
    <!– Editable user database that can also be used by
         UserDatabaseRealm to authenticate users
    –>
    <Resource name="UserDatabase" auth="Container"
              type="org.apache.catalina.UserDatabase"
              description="User database that can be updated and saved"
              factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
              pathname="conf/tomcat-users.xml" />
  </GlobalNamingResources>

  <!– A "Service" is a collection of one or more "Connectors" that share
       a single "Container" Note:  A "Service" is not itself a "Container", 
       so you may not define subcomponents such as "Valves" at this level.
       Documentation at /docs/config/service.html
   –>
  <Service name="Catalina">
  
    <!–The connectors can use a shared executor, you can define one or more named thread pools–>
    <!–
    <Executor name="tomcatThreadPool" namePrefix="catalina-exec-" 
        maxThreads="150" minSpareThreads="4"/>
    –>
    
    
    <!– A "Connector" represents an endpoint by which requests are received
         and responses are returned. Documentation at :
         Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
         Java AJP  Connector: /docs/config/ajp.html
         APR (HTTP/AJP) Connector: /docs/apr.html
         Define a non-SSL HTTP/1.1 Connector on port 8080
    –>

    <Connector port="8080" protocol="HTTP/1.1" 
               connectionTimeout="20000" 
               redirectPort="8443" />
    <!– A "Connector" using the shared thread pool–>
    <!–
    <Connector executor="tomcatThreadPool"
               port="8080" protocol="HTTP/1.1" 
               connectionTimeout="20000" 
               redirectPort="8443" />
    –>           
    <!– Define a SSL HTTP/1.1 Connector on port 8443
         This connector uses the JSSE configuration, when using APR, the 
         connector should be using the OpenSSL style configuration
         described in the APR documentation –>
    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS" 
          keystoreFile="webapps/mycert/keystore.key"
          keystorePass="certpass" />


    <Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
               keystoreFile="webapps/mycert/keystore.key"
               keystorePass="certpass" />

    <!– Define an AJP 1.3 Connector on port 8009 –>
    <!–
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
    –>

    <!– An Engine represents the entry point (within Catalina) that processes
         every request.  The Engine implementation for Tomcat stand alone
         analyzes the HTTP headers included with the request, and passes them
         on to the appropriate Host (virtual host).
         Documentation at /docs/config/engine.html –>

    <!– You should set jvmRoute to support load-balancing via AJP ie :
    <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">         
    –> 
    <Engine name="Catalina" defaultHost="localhost">

      <!–For clustering, please take a look at documentation at:
          /docs/cluster-howto.html  (simple how to)
          /docs/config/cluster.html (reference documentation) –>
      <!–
      <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
      –>        

      <!– The request dumper valve dumps useful debugging information about
           the request and response data received and sent by Tomcat.
           Documentation at: /docs/config/valve.html –>
      <!–
      <Valve className="org.apache.catalina.valves.RequestDumperValve"/>
      –>

      <!– This Realm uses the UserDatabase configured in the global JNDI
           resources under the key "UserDatabase".  Any edits
           that are performed against this UserDatabase are immediately
           available for use by the Realm.  –>
      <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
             resourceName="UserDatabase"/>

      <!– Define the default virtual host
           Note: XML Schema validation will not work with Xerces 2.2.
       –>
      <Host name="localhost"  appBase="webapps"
            unpackWARs="true" autoDeploy="true"
            xmlValidation="false" xmlNamespaceAware="false">

        <!– SingleSignOn valve, share authentication between web applications
             Documentation at: /docs/config/valve.html –>
        <!–
        <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
        –>

        <!– Access log processes all example.
             Documentation at: /docs/config/valve.html –>
        <!–
        <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"  
               prefix="localhost_access_log." suffix=".txt" pattern="common" resolveHosts="false"/>
        –>

      </Host>
    </Engine>
  </Service>
</Server>
0 Kudos

ddvorak
Champ in-the-making
Champ in-the-making

‎06-28-2010 04:09 PM

This was solved using iptables to do the redirect from port 443 to port 8443
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC