Search code examples
javatomcatstruts

Tomcat request URL

We have an issue with java web application hosted on a tomcat server.

The tomcat instance runs on with the following setting:

<Connector port="8090" protocol="HTTP/1.1"
           connectionTimeout="20000"
           redirectPort="8443" />

In the application, links use getContextPath method, which returns links such as: http://localhost:8090/webapp

However, when accessed by outside (Netscaler redirection to server and port 8090), the application, when queried on the HTTPS port with URL such as https://public.domain.com/webapp, will returns following links: http://public.domain.com:80/webapp/...

The link is generated using StrutsLinkTool setAction() method https://velocity.apache.org/tools/1.2/struts/StrutsLinkTool.html

It is creating issue with our forms treated as unsafe by certain browsers. I am trying to figure out how I can get tomcat to return the publics https domain as base URL. I am trying to find out in the tomcat documentation how the base request URL is configured and if it can be customized?

I guess the proper solution would be to front tomcat with an apache server but I wonder if there is a simpler way to manage but modifying tomcat's server.xml file

Solution

  • Add secure="true" to the Connector. As the documentation says:

    Set this attribute to true if you wish to have calls to request.isSecure() to return true for requests received by this Connector. You would want this on an SSL Connector or a non SSL connector that is receiving data from a SSL accelerator, like a crypto card, an SSL appliance or even a webserver. The default value is false.

    Since your Netscaler is handling the SSL encryption and forwarding the requests un-encrypted to Tomcat, it acts as the "SSL accelerator".

    The result will be that generated URLs with use https:.