Tech > ApacheSpringSecurity

Apache Spring Security

Introduction

This document describes how to enable SSL to work with Apache and Spring Security, where Spring Security is running under Tomcat with calls being forwarded using Mod JK.

Configuration

Update or create virtual host configurations in your apache.conf using mod_rewrite rules similar to the following:

<VirtualHost *:80>
      RewriteEngine on
      RewriteCond %{HTTPS} off
      RewriteCond %{REQUEST_URI} ^/mycontext/login.jsp$
      RewriteRule (^/.*$) https://%{SERVER_NAME}$1
</VirtualHost>

...

<IfModule mod_ssl.c>
   <VirtualHost *:443>
      RewriteEngine on
      RewriteCond %{HTTPS} on
      RewriteCond %{REQUEST_URI} !^/mycontext/(login.jsp|auth/signin.html|j_acegi_security_check)$
      RewriteRule (^/.*$) http://%{SERVER_NAME}$1
   </VirtualHost>
</IfModule>

-- Frank Dean - 21 Aug 2008

Related Topics: ApacheHints