Warning: file_get_contents(/data/phpspider/zhask/data//catemap/8/http/4.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Apache 使用ProxyPass将HTTP页面重定向到HTTPS到Tomcat服务器_Apache_Http_Tomcat_Redirect_Https - Fatal编程技术网
Fatal编程技术网
  • apache/
  • Apache 使用ProxyPass将HTTP页面重定向到HTTPS到Tomcat服务器

Apache 使用ProxyPass将HTTP页面重定向到HTTPS到Tomcat服务器

apache http tomcat redirect https

Apache 使用ProxyPass将HTTP页面重定向到HTTPS到Tomcat服务器,apache,http,tomcat,redirect,https,Apache,Http,Tomcat,Redirect,Https,因此,我有一个运行在端口8080上的tomcat服务器,以及一个运行在端口80和443上的apache服务器。我可以使用以下虚拟主机将整个网站重定向到https: <VirtualHost *:80> Redirect permanent / https://localhost </VirtualHost> <VirtualHost _default_:443> SSLEngine on SSLCertificateFile /etc

因此,我有一个运行在端口8080上的tomcat服务器,以及一个运行在端口80和443上的apache服务器。我可以使用以下虚拟主机将整个网站重定向到https:

<VirtualHost *:80>
    Redirect permanent / https://localhost
</VirtualHost>

<VirtualHost _default_:443>
    SSLEngine on
    SSLCertificateFile /etc/httpd/crt/localhost.crt
    SSLCertificateKeyFile /etc/httpd/crt/localhost.key
    ProxyRequests off
    ProxyPreserveHost on
    ProxyPass / http://localhost:8080/
    ProxyPassReverse / http://localhost:8080/
    ProxyPass /catdapp http://localhost:8080/
    ProxyPassReverse /catdapp http://localhost:8080/
</VirtualHost>
这不起作用,控制台显示它正在检索
http://localhost/catdapp/partials/login.html
因此我尝试将其更改为:

<VirtualHost *:80>
    Redirect permanent /catdapp/partials/login.html https://localhost/catdapp/partials/login.html
    ProxyRequests off
    ProxyPreserveHost on
    ProxyPass /catdapp/partials/login.html !
    ProxyPass / http://localhost:8080/
    ProxyPassReverse / http://localhost:8080/
    ProxyPass /catdapp http://localhost:8080/
    ProxyPassReverse /catdapp http://localhost:8080/
</VirtualHost>
apache访问日志显示:

"GET /catdapp/partials/login.html HTTP/1.1" 301 328 "http://localhost" "Mozilla/5.0 (X11; Linux x84_64; rv:38.0) Gecko/20100101 Firefox/38.0"
"GET /catdapp/partials/login.html HTTP/1.1" 200 2054 "http://localhost" "Mozilla/5.0 (X11; Linux x84_64; rv:38.0) Gecko/20100101 Firefox/38.0"
有什么想法吗?

#
是在客户端的浏览器中处理的-我还没有看到它被传输到服务器

我不再担心混合模式操作,只需无条件地将所有内容重定向到https并继续:使用http/https混合模式,您只会打开许多意想不到的安全漏洞、会话泄漏或其他(现在)不值得这么麻烦的东西。在https虚拟主机中添加一个,您甚至可以在意外使用错误协议的情况下安全(一旦客户端看到HSTS头,这应该是正常情况)

这会消耗更多的服务器端资源吗?可能有一点。这有关系吗?量!如果您有值得保护的资源,那么就应该排除一系列错误,如会话信息泄漏、网络钓鱼、MITM攻击等

GET http://localhost/catdapp/partials/login.html 301 Moved Permanently
GET https://localhost/catdapp/partials/login.html 200 OK

"GET /catdapp/partials/login.html HTTP/1.1" 301 328 "http://localhost" "Mozilla/5.0 (X11; Linux x84_64; rv:38.0) Gecko/20100101 Firefox/38.0"
"GET /catdapp/partials/login.html HTTP/1.1" 200 2054 "http://localhost" "Mozilla/5.0 (X11; Linux x84_64; rv:38.0) Gecko/20100101 Firefox/38.0"