Engenharia_CSHG
May 14, 2009

Integrating SSL in Big IP and JBoss/Tomcat

Hi,

We are configuring a Big IP box (LTN 9.4.5) with a JBoss server (4.3.0EAP).

Our big deal now is the SSL configuration.

The workflow is as follows:

1. When a connection arrives on port 80, I redirect it to JBoss.
2. JBoss then checks if the URL should be encrypted or not.
3. If it is, it then sends a redirect back to the browser to force the connection to go over the SSL port.

Our main problem is that, as the Big IP offloads the SSL connection to a common HTTP connection to JBoss, it is never able to decide if the connection was received from the ssl/443 port or the http/80 port.

Is there a way to signal the web server (in this case JBoss) that the connection came from an SSL port? Could we append a parameter to the header or something like that?

We searched a lot on the web and DevCentral without any success. And it seems to be a very common situation for people using the Big IP product.

Thanks in advance for any help.

Fernando

3 Replies

  • Hi Fernando,

    A couple of things. If you have locked down the JBoss so that nothing except the client can access it through the Virtual address, then the assumption is that it is encrypted. However, another way is to associate an iRule that attaches a custom HTTP header that can be sent to JBoss. The idea is that it has this custom header only when accessed via the VIP that carries the SSL. I am sure you can search for a script that allows you to attach a custom HTTP header.

    Hope this helps

    CB

  • Have a look at the proxyPort setting, which will tell the container how to build a self-referential redirect with the proxy's port (BigIP, in this case): http://docs.jboss.org/jbossweb/3.0.x/proxy-howto.html

    -Matt
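
The custom-header approach from the first reply, modelled as an added example (not part of any post in this thread, and not F5 or JBoss code): the proxy sets a header on the 443 virtual server and removes any client-supplied copy, and the backend redirects protected paths only when that header is absent. The header name `X-Forwarded-Proto`, the `/account` path, the host `app.example` and all function names are assumptions.

```python
# Added example: models the thread's header approach; not F5 or JBoss code.
SSL_HEADER = "X-Forwarded-Proto"    # assumed header name, not from the thread
PROTECTED = ("/account",)           # constructed: paths the app wants on SSL


def bigip_forward(vip_port, client_headers, insert_on_ssl=True, strip=True):
    """Headers the backend sees after the proxy offloads SSL to plain HTTP."""
    headers = dict(client_headers)
    if strip:
        # Remove any client-supplied copy on BOTH virtual servers (80 and 443).
        headers = {k: v for k, v in headers.items()
                   if k.lower() != SSL_HEADER.lower()}
    if vip_port == 443 and insert_on_ssl:
        headers[SSL_HEADER] = "https"
    return headers


def backend_response(host, path, headers):
    """Redirect protected paths that did not arrive on the SSL virtual server."""
    lowered = {k.lower(): v.lower() for k, v in headers.items()}
    secure = lowered.get(SSL_HEADER.lower()) == "https"
    if path.startswith(PROTECTED) and not secure:
        return 302, f"https://{host}{path}"
    return 200, None


def follow(host, path, client_headers=None, max_hops=5, **proxy_opts):
    """Follow redirects like a browser, starting on port 80.

    Returns (final_status, redirects_followed); (302, max_hops) means the
    backend never learned the request was encrypted and kept redirecting.
    """
    port, hops = 80, 0
    while hops < max_hops:
        seen = bigip_forward(port, client_headers or {}, **proxy_opts)
        status, location = backend_response(host, path, seen)
        if status != 302:
            return status, hops
        port = 443 if location.startswith("https://") else 80
        hops += 1
    return 302, hops


if __name__ == "__main__":
    spoof = {"x-forwarded-proto": "https"}   # constructed client header
    print(follow("app.example", "/account"))                       # header set on 443
    print(follow("app.example", "/account", insert_on_ssl=False))  # redirect loop
    print(follow("app.example", "/account", spoof, strip=False))   # spoof accepted
    print(follow("app.example", "/account", spoof))                # spoof stripped
```

The third case is why the header has to be removed on the port 80 virtual server as well as set on the 443 one: without that, a protected page is served over plain HTTP to any client that sends the header itself.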