[Building Sakai] Proxying through Apache
Martin B. Smith
smithmb at ufl.edu
Wed Apr 7 12:17:00 PDT 2010
On 04/07/2010 01:16 PM, chuot con wrote:
> Hi Martin,
>
> I included this line into my server.xml file:
>
> <Connector protocol="AJP/1.3" debug="0" redirectPort="443"
> enableLookups="false" port="8009" maxProcessors="1024"
> minProcessors="20" acceptCount="10"
> connectionTimeout="20000"
> URIEncoding="UTF-8"
> tomcatAuthentication="false"
> scheme="https" secure="true"
> slProtocol="TLS"
> proxyName="localhost"
> proxyPort="443"
> />
> It works with SSL but not correctly. I can access by address:
> http://localhost/portal.
> When I login into sakai, the web browser redirect to
> https://localhost/portal.
> It not secure. Because, I can capture a package that obtain information
> of user (username + password). Web server do not automate redirect to
> https://localhost/portal. It only automate redirect to
> https://localhost/portal when I login into sakai.
>
> How should I do to web server always redirect to
> https://localhost/portal when I access to http://localhost/portal ?
>
> Regards.
> Thinh.
> Rea
Hi again,
We use mod_rewrite (in the Apache virtual host configuration file) to
force all non-SSL requests to get redirected:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*) https://%{SERVER_NAME}$1 [R,L]
Hope that helps,
--
Martin B. Smith
smithmb at ufl.edu - (352) 273-1374
CNS/Open Systems Group
University of Florida
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5497 bytes
Desc: S/MIME Cryptographic Signature
Url : http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20100407/9cf0b5eb/attachment.bin
More information about the sakai-dev
mailing list