I have 2 web applications that run on a single Tomcat in a docker container on an AWS EC2 instance. One web app is 100% angular static content and the other is a REST application. When I run the web apps on my laptop, everything runs fine. When I run the docker container on an EC2 instance and access the web apps directly using the public IP, everything runs fine. However, when I try to access the web apps through an ELB, requests for the static content are handled fine, but requests to the REST app fail with a 403. I can see the 403 error in the Tomcat access logs so I know they are being received by Tomcat. However the REST app logs show no evidence that the request was received. I added a filter to the REST app that logs all requests received, but it shows no evidence that the request was received when when sent through the ELB.
Any idea why this might be happening? Any suggestions for diagnosing?
My docker file ...
FROM tomcat:8.0
LABEL maintainer="rossmillsiphone@gmail.com"
ADD voteride-web.war /usr/local/tomcat/webapps/
ADD voteride-ws.war /usr/local/tomcat/webapps/
ADD mysql-connector-java-5.1.9.jar /usr/local/tomcat/lib/
ADD server.xml /usr/local/tomcat/conf/
ADD context.xml /usr/local/tomcat/conf/
ADD email.properties /usr/local/tomcat/lib/
ADD logging.properties /usr/local/tomcat/conf
EXPOSE 8080
CMD ["catalina.sh", "run"]
This article had the answer I needed: https://willwarren.com/2014/01/27/running-apache-tomcat-with-ssl-behind-amazon-elb/
Setting the connector like this resolved the issue and allowed the web app to be called when traffic came through the ELB.
<Connector
port="8080"
protocol="HTTP/1.1"
proxyPort="443"
scheme="https"
secure="true"
proxyName="mywebsite.com"
connectionTimeout="20000"
URIEncoding="UTF-8"
redirectPort="8443" />