Develop Reference

How to disable HTTPS on tomcat and have it run on port 8080?

I have the following connectors in my server.xml. My app runs on port 8080 and I no longer would like it to run on port 8443. How can I modify the connector to disabl HTTPS and only have tomcat run on 8080? Thank you
<!--
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
-->
<!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443
This connector uses the NIO implementation that requires the JSSE
style configuration. When using the APR/native implementation, the
OpenSSL style configuration is required as described in the APR/native
documentation -->
<!--
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
-->
<Connector port="8443" protocol="HTTP/1.1"
SSLEnabled="true" maxThreads="150" scheme="https" secure="true"
keystoreFile="tomcat.keystore" keystorePass="changeit" sslEnabledProtocols="TLSv1.1,TLSv1.2"
ciphers="TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"/>

You need a single Connector:
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000" />
and comment out your port 8443 Connector.
This will listen on the shutdown port (defined in your Server stanza, defaults to 8005) and port 8080 only. Note, however, that if the client code wants to upgrade to HTTPS it will fail as you no longer have the redirectPort.

As seen from your original code, please uncomment the port="8080" section and comment out the port="8443" section as follows,
Please note that the meaning for redirectPort="8443" is explained in details here
enter image description here

This will work
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443
This connector uses the NIO implementation that requires the JSSE
style configuration. When using the APR/native implementation, the
OpenSSL style configuration is required as described in the APR/native
documentation -->
<!--
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
-->
<!--
<Connector port="8443" protocol="HTTP/1.1"
SSLEnabled="true" maxThreads="150" scheme="https" secure="true"
keystoreFile="tomcat.keystore" keystorePass="changeit" sslEnabledProtocols="TLSv1.1,TLSv1.2"
ciphers="TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"/>
-->

Sending Data over TCP on wso2 ESB

I have created a code where an external system can call wso2 esb over TCP and pass data, this is working fine without any issues however the reverse process is not happening and i am getting confused.
Here i would need to pass certain data to external system over TCP, however i am unable to do so as the parameters which are available while developing proxy doesn't contain IP address, it just contain port number, so i am curious as to how can the communication even be established when the IP address is not mentioned in the proxy.
Any help is appreciated.
<proxy xmlns="http://ws.apache.org/ns/synapse"
name="TCPProxyClient"
startOnLoad="true"
statistics="disable"
trace="disable"
transports="http,https">
<target>
<inSequence>
<property name="symbol" scope="default" type="STRING" value="IBM"/>
<enrich>
<source clone="true" type="inline">
<m:getQuote xmlns:m="http://services.samples">
<m:request>
<m:symbol>?</m:symbol>
</m:request>
</m:getQuote>
</source>
<target type="body"/>
</enrich>
<enrich>
<source clone="true" property="symbol" type="property"/>
<target xmlns:m="http://services.samples" xpath="//m:getQuote/m:request/m:symbol"/>
</enrich>
<log level="full" separator=","/>
<send/>
</inSequence>
<outSequence>
<log level="full"/>
<send/>
</outSequence>
</target>
<parameter name="transport.tcp.responseClient">true</parameter>
<parameter name="transport.tcp.inputType">string</parameter>
<parameter name="transport.tcp.recordDelimiter">|</parameter>
<parameter name="transport.tcp.contentType">text/xml</parameter>
<parameter name="transport.tcp.port">8691</parameter>
<parameter name="transport.tcp.recordDelimiterType">character</parameter>
<description/>
</proxy>

The parameters above are used only when the proxy is listening for TCP messages. For sending a TCP message to a TCP socket, you need to define an endpoint in the send mediator.
<send>
<endpoint>
<address uri="tcp://localhost:8001/helloService"/>
</endpoint>
<send>
Follow the doc [1] to enable to TCP transport sender in axis2.xml.
Refer the question [2] for more info.

Port number 8443 is shown in the browser address bar when using Tomcat with HTTPS

I am working on a Spring MVC application and I have deployed that on a Tomcat installation on the server. In the configuration which I will post below of Tomcat and Spring, HTTP communication occurs on port 80 and HTTPS on port 8443.
Now when the application is deployed, I can see in the browser URL as
https://domainname.com:8443/nameOfPage
I don't want want to show the port number to the user. What should I do, kindly let me know.
Thank you.
Spring Security config.xml
<security:http create-session="ifRequired" use-expressions="true" auto-config="true" disable-url-rewriting="true">
<security:form-login login-page="/"
default-target-url="/canvas/list"
always-use-default-target="false"
authentication-failure-url="/denied.jsp" />
<security:remember-me key="_spring_security_remember_me"
user-service-ref="userDetailsService"
token-validity-seconds="1209600"
data-source-ref="dataSource" />
<security:logout logout-success-url="/"
delete-cookies="JSESSIONID"
invalidate-session="true"
logout-url="/j_spring_security_logout" />
<security:intercept-url pattern="/" requires-channel="https" access="permitAll" />
<security:intercept-url pattern="/canvas/list" access="hasRole('ROLE_USER')" requires-channel="https" />
<security:port-mappings>
<security:port-mapping http="80" https="443" />
</security:port-mappings>
</security>
Apache Tomcat server.xml:
<Connector port="80"
protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Connector port="8443"
protocol="HTTP/1.1"
SSLEnabled="true"
maxThreads="150"
scheme="https"
secure="true"
clientAuth="false"
sslProtocol="TLS"
keystoreFile="/path/to/keystore.jks"
keystorePass="password" />

The only way to achieve this is to use port 443 instead.
The browser will always tell you if you're using a non-standard port, and the standard port for HTTPS is 443.
Similarly, for HTTP if you use any port other than 80, the port number will show in the address bar.

How to log/debug bad requests in tomcat?

In our system (closed system, java web application in tomcat 6 as server, java fat clients) our clients show occasionally "400 - Bad Request" responses. I would like to debug this on the server side, but since the requests seem to be invalid, I don't see them anywhere. I configured the AccessLogValve for the complete tomcat host, but the requests don't appear there. I don't even see anything in catalina.out.
I would love to get these requests logged and even better would be to dump requests based on certain criteria.
Any ideas?
My server.xml looks like this:
<Server port="8005" shutdown="SHUTDOWN">
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="off" />
<Listener className="org.apache.catalina.core.JasperListener" />
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
<Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<Listener className="org.apache.catalina.mbeans.JmxRemoteLifecycleListener"
rmiServerPortPlatform="9098"
rmiRegistryPortPlatform="9099"
useLocalPorts="true" />
<Service name="Catalina">
<Connector port="8020" protocol="HTTP/1.1" redirectPort="8010" connectionTimeout="20000" />
<Engine name="Catalina" defaultHost="localhost" jvmRoute="cc1">
<Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="false"
deployOnStartup="true" xmlValidation="false" xmlNamespaceAware="false">
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs" prefix="access_log."
suffix=".txt" pattern="combined" resolveHosts="false" />
</Host>
</Engine>
</Service>
</Server>

long time ago - but anyway: Tomcat has different Valves that may help to achieve that: http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html#Request_Dumper_Valve
Another option would be tcpdump since it is HTTP and a response code it seems possible to filter the raw requests that cause this.

Enabling gzip compression for Jboss

How is gzip compression for Jboss 5.1.0 enabled?
Within the tomcat http connector right? I cant remember where this file is stored, server.xml?

edit jboss\server\default\deploy\jbossweb.sar\server.xml
Edit this:
<Connector protocol="HTTP/1.1" port="8080" address="${jboss.bind.address}"
connectionTimeout="20000" redirectPort="8443" />
to be more like this:
<Connector protocol="HTTP/1.1" port="8080" address="${jboss.bind.address}" compression="on"
compressableMimeType="text/html,text/xml,text/css,text/javascript, application/x-javascript,application/javascript"
connectionTimeout="20000" redirectPort="8443" />
You can refer to connector config info for further details please see:
http://tomcat.apache.org/tomcat-5.5-doc/config/http.html

To add gzip compression in JBoss 7.1.1, you can edit standalone/configuration/standalone.xml and add:
...
</extensions>
<system-properties>
<property name="org.apache.coyote.http11.Http11Protocol.COMPRESSION" value="on"/>
<property name="org.apache.coyote.http11.Http11Protocol.COMPRESSION_MIME_TYPES" value="text/javascript,text/css,text/html"/>
</system-properties>
Restart the server and check with developer tools or in the HTTP header if it is enabled.

The file is under server.xml and you are correct in stating that you have to updated the http connector.
Following link is info for tomcat, but same applies to JBoss except location of server.xml file. I believe you need to update the server.xml under deploy\jbossweb.sar\
http://viralpatel.net/blogs/2008/11/enable-gzip-compression-in-tomcat.html

In Jboss EAP 7.0 this worked for me:
edit: Standalone.xml
<subsystem xmlns="urn:jboss:domain:undertow:1.2"> <!-- SEARCH FOR THIS: urn:jboss:domain:undertow -->
<buffer-cache name="default"/>
<server name="default-server">
<http-listener name="default" socket-binding="http"/>
<host name="default-host" alias="localhost">
(...)
<!-- ADD THIS FOR GZIP COMPRESSION -->
<filter-ref name="gzipFilter" predicate="exists['%{o,Content-Type}'] and regex[pattern='(?:application/javascript|text/css|text/html|text/xml|application/json)(;.*)?', value=%{o,Content-Type}, full-match=true]"/>
<!-- /GZIP COMPRESSION -->
</host>
</server>
(...)
<filters>
(...)
<!-- ADD THIS FOR GZIP COMPRESSION -->
<gzip name="gzipFilter"/>
<!-- /GZIP COMPRESSION -->
</filters>
</subsystem>
Restart the server