Spring Security with Apache Webserver

[arumilli]

Hi All,

I am trying to configure SSL.

Request will come from apache and then tomact and Springs.

My apache configurations are

Code:

Listen 81
ProxyRequests off
<VirtualHost *:80>


        ProxyPass /robots.txt   http://localhost/robots.http
        ProxyPassReverse /robots.txt    http://localhost/robots.http


        ProxyPass / http://local.server.com:9001/
        ProxyPassReverse / http://local.server.com:9001/
</VirtualHost>

<VirtualHost *:81>
  ServerName local.server.com
  SSLEngine On
SSLCertificateFile /etc/httpd/conf.d/server.crt
SSLCertificateKeyFile /etc/httpd/conf.d/server.pem
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
#        ProxyPass /robots.txt http://localhost/robots.https
#        ProxyPassReverse /robots.txt http://localhost/robots.https

 ProxyPass / http://local.server.com:9002/
        ProxyPassReverse / http://local.server.com:9002/

 </VirtualHost>

And my Tomcat server.xml are

Code:

<Connector port="9001" maxHttpHeaderSize="8192" maxThreads="200" protocol="org.apache.coyote.http11.Http11Protocol" executor="hybrisExecutor" enableLookups="false" acceptCount="100" connectionTimeout="20000" URIEncoding="UTF-8" disableUploadTimeout="true" redirectPort="9002" />
 
 <Connector port="9002" maxHttpHeaderSize="8192" maxThreads="150" protocol="org.apache.coyote.http11.Http11Protocol" executor="hybrisExecutor" enableLookups="false" acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" URIEncoding="UTF-8" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="${catalina.home}/lib/keystore" keystorePass="123456" />

And the spring-security.xml

Code:

	<security:port-mappings>
			<security:port-mapping http="#{configurationService.configuration.getProperty('tomcat.http.port')}"
				https="#{configurationService.configuration.getProperty('tomcat.ssl.port')}" />
			<security:port-mapping http="80" https="81" />
			</security:port-mappings>

Problem is when I access the site from apache. it's loading fine. When the application redirecting to https. then the url is changing to application server.

example:

if i gave http://local.server.com/login it is redirecting to https://local.server.com:9002/login

How can handle this https response to show from webserver not from tomcat/springs?

Tomcat and Apache are running on different machines.

Sreenivas A.