Running Tomcat Behind a Proxy Server

A common deployment scenario has Tomcat running behind a proxy server. In this kind of environment, the host name and port that the server should return to the client in the HTTP response should be those the client used in the original request and not the actual host name and port that on which Tomcat is running. This is controlled via the proxyName and proxyPort attributes of the connector.

Apache is a good candidate as a proxy server because of its robustness and all-around good grace. If you use Apache, you can use its proxy module (mod_proxy) to pass the servlet requests to the Tomcat server. Uncomment the following in Apache’s conf/httpd.conf file:

 LoadModule proxy_module libexec/mod_proxy.so  LoadModule proxy_http_module modules/mod_proxy_http.so 

Next, add the following lines after the module definitions:

 ProxyPass / http://localhost:8080/  ProxyPassReverse / http://localhost:8080/ 

The Apache server will now pass all requests to the Tomcat server.

On the Tomcat side, the configuration in server.xml for the HTTP connector is as shown in Listing 9-4.

Listing 9-4: Defining a Proxy Name and Proxy Port in server.xml

 <!-- Define a non-SSL Coyote HTTP/1.1 Connector on port 8080 -->  <Connector port="8080"             maxThreads="150" minSpareThreads="25" maxSpareThreads="75"             enableLookups="false" redirectPort="8443" acceptCount="100"             debug="0" connectionTimeout="20000"             disableUploadTimeout="true"             proxyName="localhost" proxyPort="80"/> 

If you don’t specify the proxyName and proxyPort, the response will indicate that it came from http://localhost:8080 instead of http://localhost.