Tomcat http to https

When using Alibaba Cloud's SLB, it is found that when https is mapped to http, when response.sendRedirect is used to turn around, it will jump to an http request. This is because tomcat regards the request source as http.

Use the following methods to solve this problem:

1. Enable the SLB listening protocol in the advanced configuration of the basic configuration of SLB.

2. Modify the tomcat configuration file
2.1 Set the front-end proxy mode of TOMCAT to solve the problem that the redirection of the program in TOMCAT does not jump to SSL.
<Connector port="8080"
  proxyName="This is the domain name"
  proxyPort="443"
  scheme="https"
  secure="true"
  protocol="org.apache.coyote.http11.Http11NioProtocol"
  connectionTimeout="20000" URIEncoding=" UTF-8" useBodyEncodingForURI="true"
  redirectPort="8443" />







Add the following under the <Engine> element in server.xml:
<Valve className="org.apache.catalina.valves.RemoteIpValve"
    internalProxies="47\.74\.\d{1,3}\.\d {1,3}"
    remoteIpHeader="X-Forwarded-For"
    protocolHeader="X-Forwarded-Proto"
    protocolHeaderHttpsValue="https"/>

internalProxies means: TOMCAT only accepts X-Forwarded in requests from this IP segment The value of the series is overridden with Remote_Addr, etc. After adding this filter, you can use request.getRemoteAddr() to get the correct client IP. It should be noted that this IP segment needs to be written according to the SLB you use.

In TOMCAT,the default value of internalProxies (the IP segment of SLB cannot be overwritten):
10\.\d{1.3}\.\d{1.3}\.\d{1.3}|192\.168\.\d{1.3}\.\d{1.3 }|169\.254\.\d{1,3}\.\d{1,3}|127\.\d{ 1,3}\.\d{1,3}\.\d{1 ,3}|172\.1[6-9]{1}\.\d{1,3}\.\d{1 ,3}|172\.2[0-9]{1}\.\ d{1,3}\.\d{1,3}|172\.3[0-1]{1}\.\d{1,3}\.\d{1, 


This <Value> must be written under the <Engine> element!
This <Value> must be written under the <Engine> element!
Do not follow <Host>