Detecting SSL connections in J2EE apps with an Apache Server

I recently ran into a problem with a J2EE (JSP/Servet) java application. The web app needed to detect if a connection was secure or not.

I had Apache set up to forward all requests to Tomcat for a virtual host.  Two hosts where set up in the apache config, one for port http, the other for https.

The problem was that all requests where showing up as http in the java application. Also the Request.isSecure() method was returning false.

The solution was to setup a new APJ connector in my server config file and set the secure attribute to true. Then i defined a new worker in apache and had the https virtual host forward to the second worker.

Now the Request.isSecure method returns true for https requests and false for http requests. However the URL is always shown as http.

But thats the work around. I hope it helps!

This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <pre lang="" line="" escaped="" highlight="">