Conditionally permitting HTTP-only requests to Tomcat?
- by Mike
I have 2 versions of a system:
Tomcat webserver
Nginx reverse-proxy sitting in front of a tomcat webserver.
In version 2, nginx only ever talks to Tomcat over HTTP.
A user could configure the system so that only HTTPS requests are allowed. If the user does this in Version 1 and then the XML configuration files for Tomcat takes care of this. In version 2, nginx takes care of this.
The problem is this: I cannot force a user to update their Tomcat XML config files when they upgrade from version 1 to version 2 (it will be recommended that they do so) because this is done as part of a larger process. This means that if they upgrade and don't update the Tomcat config, an HTTPS request will arrive at nginx, which will proxy it over HTTP to Tomcat which will reject the request because it is not HTTPS.
So I can't force an update to the Tomcat XML, and I have to use HTTP between nginx and Tomcat.
Any ideas? Is there some way I can affect how Tomcat reads its config in Version 2 so that it ignores the HTTPS-only section?