https redirect problem

I'm trying to access djigzo web gui via apache on port 9080

Here's the relevant lines in apache config:

<VirtualHost *:9080>
ProxyRequests Off
...
ProxyPass /djigzo http://localhost:8080/djigzo
ProxyPassReverse /djigzo http://localhost:8080/djigzo
ProxyPass /web http://localhost:8080/web
ProxyPassReverse /web http://localhost:8080/web

I'm able to initially connect to https://serverip:9080/djigzo with no problems. But after I put in the username/password, it redirects to http instead of staying https as the original request is. When I try to access djigzo on port 8080 which is the default tomcat 6 port it works with no problems. In previous version of ciphermail (djigzo) accessing djigzo via https on port 9080 worked with no problems.

I would appreciate some assistance on this.

Thanks a lot

Below the message I sent to you about a year ago on how to configure a
reverse proxy. Could it be you forgot to set djigzo.https.all=false ?

[quote]

You should tell djigzo not to require HTPPS. This can be done by setting
the Java property djigzo.https.all to false:

djigzo.https.all=false

I cannot test it right now. You can try to add the following line to
tomcat config (to file /etc/default/tomcat6)

JAVA_OPTS="$JAVA_OPTS -Ddjigzo.https.all=false"

Then restart Tomcat. Tomcat should now allow you to connect to port 8080
(without the above setting, it would always redirect to 8443). If
connecting to 8080 works you should be able to use the reverse proxy

I haven't tested it but I think it should be something like:

ProxyPass /djigzo http://localhost:8080/djigzo
ProxyPassReverse /djigzo http://localhost:8080/djigzo

you should make sure that Apache does all the HTTPS stuff"

[/quote]

Kind regards,

Martijn

···

On 05/08/2015 07:22 PM, Dino Edwards wrote:

I'm trying to access djigzo web gui via apache on port 9080

Here's the relevant lines in apache config:

<VirtualHost *:9080> ProxyRequests Off ... ProxyPass /djigzo
http://localhost:8080/djigzo ProxyPassReverse /djigzo
http://localhost:8080/djigzo ProxyPass /web
http://localhost:8080/web ProxyPassReverse /web
http://localhost:8080/web

I'm able to initially connect to https://serverip:9080/djigzo with no
problems. But after I put in the username/password, it redirects to
http instead of staying https as the original request is. When I try
to access djigzo on port 8080 which is the default tomcat 6 port it
works with no problems. In previous version of ciphermail (djigzo)
accessing djigzo via https on port 9080 worked with no problems.

I would appreciate some assistance on this.

--
CipherMail email encryption

Open source email encryption gateway with support for S/MIME, OpenPGP
and PDF messaging.

Twitter: http://twitter.com/CipherMail

--
CipherMail email encryption

Open source email encryption gateway with support for S/MIME, OpenPGP
and PDF messaging.

Twitter: http://twitter.com/CipherMail

You are absolutely correct. I remember that conversation and I had it in my notes and it was one of very first things I did. Here's the relevant info from my /etc/default/tomcat6 file:

unset LC_ALL
JAVA_OPTS="$JAVA_OPTS -Ddjigzo-web.home=/usr/share/djigzo-web"
#JAVA_OPTS="$JAVA_OPTS -Djava.awt.headless=true -Xmx128M"
TOMCAT6_SECURITY=no
JAVA_OPTS="$JAVA_OPTS -Ddjigzo.https.all=false"

The reason I didn't mention it is because the problem seems to be quite the opposite. It's not trying to redirect to https. In this case, after I initially connect via https and log in it tries to redirect back to http on port 8080.

···

-----Original Message-----
From: users-bounces(a)lists.djigzo.com [mailto:users-
bounces(a)lists.djigzo.com] On Behalf Of Martijn Brinkers
Sent: Saturday, May 09, 2015 12:19 PM
To: users(a)lists.djigzo.com
Subject: Re: https redirect problem

On 05/08/2015 07:22 PM, Dino Edwards wrote:
> I'm trying to access djigzo web gui via apache on port 9080
>
> Here's the relevant lines in apache config:
>
> <VirtualHost *:9080> ProxyRequests Off ... ProxyPass /djigzo
> http://localhost:8080/djigzo ProxyPassReverse /djigzo
> http://localhost:8080/djigzo ProxyPass /web http://localhost:8080/web
> ProxyPassReverse /web http://localhost:8080/web
>
> I'm able to initially connect to https://serverip:9080/djigzo with no
> problems. But after I put in the username/password, it redirects to
> http instead of staying https as the original request is. When I try
> to access djigzo on port 8080 which is the default tomcat 6 port it
> works with no problems. In previous version of ciphermail (djigzo)
> accessing djigzo via https on port 9080 worked with no problems.
>
> I would appreciate some assistance on this.

Below the message I sent to you about a year ago on how to configure a
reverse proxy. Could it be you forgot to set djigzo.https.all=false ?

[quote]

You should tell djigzo not to require HTPPS. This can be done by setting the
Java property djigzo.https.all to false:

djigzo.https.all=false

I cannot test it right now. You can try to add the following line to tomcat
config (to file /etc/default/tomcat6)

JAVA_OPTS="$JAVA_OPTS -Ddjigzo.https.all=false"

Then restart Tomcat. Tomcat should now allow you to connect to port 8080
(without the above setting, it would always redirect to 8443). If connecting to
8080 works you should be able to use the reverse proxy

I haven't tested it but I think it should be something like:

ProxyPass /djigzo http://localhost:8080/djigzo ProxyPassReverse /djigzo
http://localhost:8080/djigzo

you should make sure that Apache does all the HTTPS stuff"

[/quote]

Kind regards,

Martijn

--
CipherMail email encryption

Open source email encryption gateway with support for S/MIME, OpenPGP
and PDF messaging.

https://www.ciphermail.com

Twitter: http://twitter.com/CipherMail

--
CipherMail email encryption

Open source email encryption gateway with support for S/MIME, OpenPGP
and PDF messaging.

https://www.ciphermail.com

Twitter: http://twitter.com/CipherMail
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
https://lists.djigzo.com/lists/listinfo/users

You are absolutely correct. I remember that conversation and I had it
in my notes and it was one of very first things I did. Here's the
relevant info from my /etc/default/tomcat6 file:

unset LC_ALL JAVA_OPTS="$JAVA_OPTS
-Ddjigzo-web.home=/usr/share/djigzo-web" #JAVA_OPTS="$JAVA_OPTS
-Djava.awt.headless=true -Xmx128M" TOMCAT6_SECURITY=no
JAVA_OPTS="$JAVA_OPTS -Ddjigzo.https.all=false"

The reason I didn't mention it is because the problem seems to be
quite the opposite. It's not trying to redirect to https. In this
case, after I initially connect via https and log in it tries to
redirect back to http on port 8080.

I just tested it with Tomcat 7 and Apache 2.4 and it works without any
problem. Perhaps your Apache is not correctly configured to send the
correct proxy headers?

Kind regards,

Martijn Brinkers

···

On 05/09/2015 11:54 PM, Dino Edwards wrote:

-----Original Message----- From: users-bounces(a)lists.djigzo.com
[mailto:users- bounces(a)lists.djigzo.com] On Behalf Of Martijn
Brinkers Sent: Saturday, May 09, 2015 12:19 PM To:
users(a)lists.djigzo.com Subject: Re: https redirect
problem

On 05/08/2015 07:22 PM, Dino Edwards wrote:

I'm trying to access djigzo web gui via apache on port 9080

Here's the relevant lines in apache config:

<VirtualHost *:9080> ProxyRequests Off ... ProxyPass /djigzo
http://localhost:8080/djigzo ProxyPassReverse /djigzo
http://localhost:8080/djigzo ProxyPass /web
http://localhost:8080/web ProxyPassReverse /web
http://localhost:8080/web

I'm able to initially connect to https://serverip:9080/djigzo
with no problems. But after I put in the username/password, it
redirects to http instead of staying https as the original
request is. When I try to access djigzo on port 8080 which is the
default tomcat 6 port it works with no problems. In previous
version of ciphermail (djigzo) accessing djigzo via https on port
9080 worked with no problems.

I would appreciate some assistance on this.

Below the message I sent to you about a year ago on how to
configure a reverse proxy. Could it be you forgot to set
djigzo.https.all=false ?

[quote]

You should tell djigzo not to require HTPPS. This can be done by
setting the Java property djigzo.https.all to false:

djigzo.https.all=false

I cannot test it right now. You can try to add the following line
to tomcat config (to file /etc/default/tomcat6)

JAVA_OPTS="$JAVA_OPTS -Ddjigzo.https.all=false"

Then restart Tomcat. Tomcat should now allow you to connect to port
8080 (without the above setting, it would always redirect to 8443).
If connecting to 8080 works you should be able to use the reverse
proxy

I haven't tested it but I think it should be something like:

ProxyPass /djigzo http://localhost:8080/djigzo ProxyPassReverse
/djigzo http://localhost:8080/djigzo

you should make sure that Apache does all the HTTPS stuff"

[/quote]

Kind regards,

Martijn

--
CipherMail email encryption

Open source email encryption gateway with support for S/MIME, OpenPGP
and PDF messaging.

Twitter: http://twitter.com/CipherMail

--
CipherMail email encryption

Open source email encryption gateway with support for S/MIME, OpenPGP
and PDF messaging.

Twitter: http://twitter.com/CipherMail