Tomcat --> reverse_proxy Caddy. http=ok, https=login form missing

1. Caddy version (caddy version):

2.3.0 Docker caddy:alpine

2. How I run Caddy:

Via docker-compose

a. System environment:

Ubuntu 20.04, latest Docker and Docker Compose, static IPv4

b. Command:

docker-compose up -d

c. Service/unit/compose file:

version: "3"
  services:
  caddy:
    image: caddy:alpine
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./Caddy/Caddyfile/Caddyfile:/etc/caddy/Caddyfile
      - ./Caddy/Data:/data
      - ./Caddy/Config:/config
db:
    image: mysql
    volumes:
      - ./mysql:/var/lib/mysql
    environment:
      MYSQL_DATABASE: Database
      MYSQL_USER: User
      MYSQL_PASSWORD: Password
      MYSQL_ROOT_PASSWORD: Password
    command: mysqld --character-set-server=utf8 --collation-server=utf8_unicode_ci --init-connect='SET NAMES UTF8;' --innodb-flush-log-at-trx-commit=0

  tomcat:
    image: tomcat:8.5-jdk11
    volumes:
      - ./webapp:/usr/local/tomcat/webapps
      - ./workdir:/usr/local/tomcat/workdir
    environment:
      JAVA_OPTS: "-Dportal_working_dir=/usr/local/tomcat/workdir -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Xms2048m -Xmx2048m -Djava.security.egd=file:/dev/./urandom"
    depends_on:
      - db

d. My complete Caddyfile or JSON config:

{
    email admin@mydomain.com
}
tomcat.mydomain.com {
  reverse_proxy tomcat:8080
}

3. The problem I’m having:

Normally, we deploy a .war in Tomcat and use Apache2 as reverse proxy. I tried to use Caddy instead. If i go to the site with publicip:8080/myapplication, everything is loading fine. If i define http://tomcat.mydomain.com in the Caddy file i can use http://tomcat.mydomain.com/myapplication without any problems aswell. If i use https://tomcat.mydomain.com or just tomcat.mydomain.com, the site is loading, but not complete. Usually we should see a login form. When using https it’s not showing up, but instead it’s showing a loading symbol.

4. Error messages and/or full log output:

A look into the Browsers developer tools say 'Failed to load resource: the server responded with a status of 400 () → https://tomcat.mydomain.com/myapplication/login?16-1.IBehaviorListener.0-tabs-panel&_=1613318058434'

Here is the request:

:method: GET
:scheme: https
:authority: tomcat.mydomain.com
:path: /myapplication/login?18-1.IBehaviorListener.0-tabs-panel&_=1613318314097
Accept: application/xml, text/xml, */*; q=0.01
Cookie: JSESSIONID=A2D6C38EA859607984D92DB16D6D8FB4; adminer_sid=a1b3d168a271ab11179727eaa484b63e; adminer_key=1f8d555e6a1ca0afb1c19b042fbff9a3; adminer_permanent=; adminer_version=4.8.0; _ga=GA1.2.1330864484.1612980505
Accept-Language: de-de
Host: tomcat.mydomain.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.3 Safari/605.1.15
Referer: https://tomcat.mydomain.com/myapplication/login?18
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Wicket-Ajax-BaseURL: login?18
Wicket-Ajax: true

And the answer:

:status: 400
Date: Sun, 14 Feb 2021 15:58:34 GMT
Content-Length: 821
Content-Language: en
Content-Type: text/html;charset=utf-8
Server: Caddy

5. What I already tried:

The apache configuration is like this:

<IfModule mod_ssl.c>
<VirtualHost 192.168.0.100:443>
ServerName tomcat.myapplication.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ProxyPass /myapplication ajp://localhost:8090/myapplication
ProxyPassReverse /myapplication ajp://localhost:8090/myapplication
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert.key
</VirtualHost>
</IfModule>

So it’s using the ajp connector of tomcat but that shouldn’t be a problem i guess, i go with port 8080. And since http is working with Caddy i expect something to be wrong with https (the certificate is working by the way). But my knowing about webservers is a bit limited. So i tried different things like root * /var/www/html or using tomcat.mydomain.com/myapplication and reverse_proxy tomcat/myapplication:8080. But nothing worked.

I hope somebody can give me a hint, i guess it’s possible to use Caddy but some sort of setting is missing, maybe something with the headers, but i don’t know which one. Or the encoding, i tried to use gzip aswell but nothing changed so far.

Thank you! :slight_smile:

Edit: I’m even too dump to use the ```right :smiley:

Those should go on their own lines, before and after the config/logs.

What do you see in Caddy’s logs? Look at the container logs with docker-compose logs caddy. And what are in the tomcat logs?

Those should go on their own lines, before and after the config/logs.

Thank you, seems like i misunderstood the hint :slight_smile:

What do you see in Caddy’s logs?

{"level":"info","ts":1613368487.4460082,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":"caddyfile"}
{"level":"info","ts":1613368487.45388,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["[::1]:2019","127.0.0.1:2019","localhost:2019"]}
{"level":"info","ts":1613368487.4554117,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc0002e0000"}
{"level":"info","ts":1613368487.4561076,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
{"level":"info","ts":1613368487.456145,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
{"level":"info","ts":1613368487.458584,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["tomcat.mydomain.com"]}
{"level":"info","ts":1613368487.4631104,"logger":"tls","msg":"cleaned up storage units"}
{"level":"info","ts":1613368487.5425212,"msg":"autosaved config","file":"/config/caddy/autosave.json"}
{"level":"info","ts":1613368487.542556,"msg":"serving initial configuration"}

Nothing special i guess, when i access the site it’s not throwing any errors there.

And what are in the tomcat logs?

2021-02-15 06:07:16.941 WARN  o.a.j.x.d.i.d.DOMReference:530 - The input bytes to the digest operation are null. This may be due to a problem with the Reference URI or its Transforms.
2021-02-15 06:07:16.950 WARN  o.a.j.x.d.i.d.DOMReference:530 - The input bytes to the digest operation are null. This may be due to a problem with the Reference URI or its Transforms.
2021-02-15 06:07:18.439 INFO  o.e.c.EhcacheManager:305 - Cache 'org.apache.cxf.ws.security.tokenstore.TokenStore-786309127' created in EhcacheManager.
2021-02-15 06:07:18.541 WARN  o.a.j.x.d.i.d.DOMReference:530 - The input bytes to the digest operation are null. This may be due to a problem with the Reference URI or its Transforms.
2021-02-15 06:07:18.543 WARN  o.a.j.x.d.i.d.DOMReference:530 - The input bytes to the digest operation are null. This may be due to a problem with the Reference URI or its Transforms.

Thats the only part that’s different from our old Apache setup. So my interpretation would be, that maybe no information came back from the client because caddy tries to redirect it to the wrong URI?

Since there was no more input i increased the logging level to debug. There are two errors. I guess someone who is smart enough probably knows the solution now, at least i hope so :smiley:

{"level":"error","ts":1613584511.467625,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_addr":"76.45.32.493:65011","proto":"HTTP/2.0","method":"GET","host":"tomcat.mydomain.com","uri":"/","headers":{"Cookie":["adminer_sid=a1b3d168a271ab11179727eaa484b63e; adminer_key=1f8d555e6a1ca0afb1c19b042fbff9a3; adminer_permanent=; adminer_version=4.8.0; _ga=GA1.2.1330864484.1612980505"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.3 Safari/605.1.15"],"Accept-Language":["de-de"],"Accept-Encoding":["gzip, deflate, br"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","proto_mutual":true,"server_name":"tomcat.mydomain.com"}},"common_log":"76.45.32.493 - - [17/Feb/2021:17:55:11 +0000] \"GET / HTTP/2.0\" 404 682","duration":0.181860157,"size":682,"status":404,"resp_headers":{"Server":["Caddy"],"Date":["Wed, 17 Feb 2021 17:55:11 GMT"],"Content-Type":["text/html;charset=utf-8"],"Content-Language":["en"],"Content-Length":["682"]}}

{"level":"error","ts":1613584521.32824,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_addr":"76.45.32.493:65015","proto":"HTTP/2.0","method":"GET","host":"tomcat.mydomain.com","uri":"/myapplication/login?1-1.IBehaviorListener.0-tabs-panel&_=1613584521084","headers":{"Wicket-Ajax-Baseurl":["login?1"],"Accept-Language":["de-de"],"Wicket-Ajax":["true"],"Referer":["https://tomcat.mydomain.com/myapplication/login?1"],"Accept-Encoding":["gzip, deflate, br"],"Accept":["application/xml, text/xml, */*; q=0.01"],"Cookie":["JSESSIONID=A7AE40AB0CE5D8DCC431566EDF839795; adminer_sid=a1b3d168a271ab11179727eaa484b63e; adminer_key=1f8d555e6a1ca0afb1c19b042fbff9a3; adminer_permanent=; adminer_version=4.8.0; _ga=GA1.2.1330864484.1612980505"],"X-Requested-With":["XMLHttpRequest"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.3 Safari/605.1.15"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","proto_mutual":true,"server_name":"tomcat.mydomain.com"}},"common_log":"76.45.32.493 - - [17/Feb/2021:17:55:21 +0000] \"GET /myapplication/login?1-1.IBehaviorListener.0-tabs-panel&_=1613584521084 HTTP/2.0\" 400 821","duration":0.119464039,"size":821,"status":400,"resp_headers":{"Date":["Wed, 17 Feb 2021 17:55:21 GMT"],"Content-Type":["text/html;charset=utf-8"],"Content-Language":["en"],"Content-Length":["821"],"Server":["Caddy"]}}

With your configuration above, Caddy can neither generate status 400 messages nor redirect URIs.

Its only configured behaviour is to redirect HTTP->S and proxy the request upstream.

Can you curl the specific resource that’s producing 400 errors in your browser, but directly from tomcat?

1 Like

With your configuration above, Caddy can neither generate status 400 messages nor redirect URIs.

I don’t thought it needed to redirect any URL. I join at tomcat.mydomain.com/myapplication and other paths like tomcat.mydomain.com/myapplication/installationcheckare working aswell. Just /myapplication/login?1 login?2 etc are not working. I just don’t know where to redirect the path /login to, maybe to tomcat:8080/myapplication/login, but do i need to know every following url for this?

Anyway, i did the curls for you, i hope its right, one time the base url /myapplication and one time /myapplication/login where the error happens. Edit: I think they are both the same/similar, because of the curl -l, but without -l i got no output in both cases.

curl -L tomcat.mydomain.de:8080/myapplication

<!DOCTYPE html>
<html lang="en">
<head><script type="text/javascript" src="./crypt.2FUmKDvtSUBS-mozh0BsvyZr6flOY3gO7rtjU05D11y_xuRprQKdB0tcf1F2JraIiisy8GfXPLEwyPomWHlOMa3vYDVaCXohSwf9YAkB8P6NLxBT7W15nj2oJYlqN7zFYTH1W6ecQv_IYmzesvBZc4SEWLA8MFjcComQGr6hy44/2FUd0/05D5e/yZr40"></script>
<script type="text/javascript" src="./crypt.2FUmKDvtSUBS-mozh0Bsv1iTrtxjbHvYnzXZlIa0izqj3fARct5wLJECjm8sbyuqC0oa2ImsaMfDddqmOGys05EEZLZcE9JFsrsCZ1KpAwQfn6xN4rxtK9Eqn88Nx7c3i6jJX6q_vyDPhtYLM_cy3PGDdVgqt5Y0BQxDRVg4MNtjpnrqA-1RLw/2FUd0/ct5f3/Eqnc1/Cjm35/6q_43"></script>
<script type="text/javascript" src="./crypt.2FUmKDvtSUBS-mozh0Bsv1iTrtxjbHvYnzXZlIa0izqj3fARct5wLJECjm8sbyuqC0oa2ImsaMfDddqmOGys05EEZLZcE9JFsrsCZ1KpAwQhnJss_uwlqYjeZBrq1GYA-wT8AqYi3oxe0wObANyn7YVSN9OsHQR1DEKH00wBIVekoWKCCQePTg/2FUd0/ct5f3/jeZbe/Ynzd4/sCZ29"></script>
<script type="text/javascript" id="wicket-ajax-base-url">
/*<![CDATA[*/
Wicket.Ajax.baseUrl="login?1";
/*]]>*/
</script>

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title id="id4">Portal: Login</title>

<style type="text/css" id="com-acb-portal-web-view-base-center-BasePageNoAuthCenterLayout-0">
/*<![CDATA[*/

a.activeLoginLink {
font-weight: bold;
}
a.inactiveLoginLink {
}

/*]]>*/
</style>
<meta name="msapplication-TileImage" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-square70x70logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-square144x144logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-square150x150logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-wide310x150logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-square310x310logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<script type="text/javascript" src="./bootstrap/js/bootstrap-ver-30CE14A62077E6E8D985FB9BB860DCF6.js"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-ver-EC3BB52A00E176A7181D454DFFAEA219.css" />
<script type="text/javascript" src="./bootstrap/js/jquery.bootstrap.wizard-ver-B6AEB59679B836CA52D422BE8C9B420D.js"></script>
<script type="text/javascript" src="./bootstrap/js/bootstrap-select-ver-8081BF89EB0AD0E3820F6C9044B5B45E.js"></script>
<script type="text/javascript" src="./bootstrap/js/bootstrap-select-defaults-en_US-ver-8262F6DBE0373ABB69CF01C247F569C1.js"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-select-ver-1DDE27FD625567362692B22765E51596.css" />
<script type="text/javascript" src="./crypt.2FUmKDvtSUBS-mozh0BsvyZr6flOY3gO7rtjU05D11y_xuRprQKdB3f-WbiIv1tq3jGV4Lahtyxi32lEGBb8F3eRMEHDILam5a3l523PyQ3TlqRrAWTpu25NofUF03qM64XMNO30pZ9QlczaW2GY3ZGBcbifuu8W2OJ30jVUYOb2Fz3psIdS2KRp56EmcfKr/2FUd0/Y3gec/ifu67"></script>
<script type="text/javascript" src="./crypt.2FUmKDvtSUBS-mozh0BsvyZr6flOY3gO7rtjU05D11y_xuRprQKdB3f-WbiIv1tq3jGV4Lahtyxi32lEGBb8F3eRMEHDILam5a3l523PyQ3TlqRrAWTpu25NofUF03qMXp6ixy0lL2B8f-ygk5R8PMKVNfLObuFcbQmVY2SP3I8DRcXSpGZCcTUOYD-4DxYgam0T-exKiRQ/2FUd0/tq315/ZCc79"></script>
<script type="text/javascript" src="./crypt.2FUmKDvtSUBS-mozh0BsvyZr6flOY3gO7rtjU05D11y_xuRprQKdB3f-WbiIv1tq3jGV4Lahtyxi32lEGBb8F3eRMEHDILam5a3l523PyQ3TlqRrAWTpu25NofUF03qMVy9thSM4o4Ex8zvVrouApmAu_8-U7lArz6eYozkd5crZThUYWhy91-gm7kqFzy4Ca7uq4XdYm_s/2FUd0/tq315/y91f0"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-datepicker-ver-8BC13C6760DDA7255AB76AF181BDE900.css" />
<script type="text/javascript" src="./crypt.2FUmKDvtSUBS-mozh0BsvyZr6flOY3gO7rtjU05D11y_xuRprQKdB3f-WbiIv1tq3jGV4Lahtyxi32lEGBb8F3eRMEHDILam5a3l523PyQ3TlqRrAWTpu3_WJEzqWPsGkxvTaP-zNFOVwNy2OrOyg8ZK70ei72pMI4QI_Xw3HOaTiggZ5LJqMeytZv5seRU6/2FUd0/Y3gec/ei732"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-tagsinput-ver-129A15FA2D0E25F7EAFC8EF226733718.css" />
<script type="text/javascript" src="./bootstrap/js/bootstrap-multiselect-ver-5E4089B5BB6B95591588D5B4C24F67E7.js"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-multiselect-ver-9155D983757155EC614713EADD9D18D7.css" />
<script type="text/javascript" src="./nifty/js/nifty-ver-2DCAC023ACC71D2AADEBD37BB617C1FD.js"></script>
<script type="text/javascript" src="./nifty/js/load-dashboard-widgets-ver-CF79ACC0989E770DFBE4F3C9EC142EF3.js"></script>
<link rel="stylesheet" type="text/css" href="./nifty/css/nifty-ver-B41763A5CFA62BB38E5DDDCA1A65EF89.css" />
<link rel="stylesheet" type="text/css" href="./nifty/css/font-iconmoon-ver-0B733CDF91C485E57AF4C6A27CDF4CD9.css" />
<link rel="stylesheet" type="text/css" href="./crypt.2FUmKDvtSUBS-mozh0BsvyZr6flOY3gO7rtjU05D11y_xuRprQKdBx_iQyPxVel8-G3I6m_cT_NSylKPswEJjL5iMf6js-dpWJkMICTJaJ55iiRdyulIv7Q9MMQVdUshq7z4cGqV78ArhquUXFFkpNb4HNDhz23FKoQeWrSRWFc/2FUd0/05D5e/yZr40" />
<link rel="stylesheet" type="text/css" href="./crypt.2FUmKDvtSUBS-mozh0BsvyZr6flOY3gO7rtjU05D11x2LfsvAwXhRKcBqWYCYkW0nd3mx2HMJ2Hc9rGVGqtKewD-uus_UJFPIBjhwuJrZni1R50LzZfv6IRQcR1bvjf-kLxOHkztFs4/2FUd0/-moee/ozhcc" />
<link rel="stylesheet" type="text/css" href="./crypt.2FUmKDvtSUBS-mozh0BsvyZr6flOY3gOcAzcvEXhbKo_HTOjMcOzQE4aMCSFWL8m99_fdvS1pprSYp7k1xDuG6PmbCjpRmZS99j5eWbM-KmIi4f6Ym-35jRJ-yi5qqm4Z3_pU6WLuBIyuezdJ2YNy_MWYlke1YkF9YXrLLgqK0efDqpDH73e7Jecj41ffAVM/2FUd0/Y3gec/ke136" />
<script type="text/javascript" >
/*<![CDATA[*/
Wicket.Event.add(window, "domready", function(event) { 
$('.alert-wrap.in').remove();;
;
Wicket.Ajax.ajax({"u":"./login;jsessionid=D3D5FFE3C2C87F5B7F0149D4C692630A?1-1.IBehaviorListener.0-tabs-tabs~container-tabs-0-link","c":"id1","e":"click","pd":true});;
Wicket.Ajax.ajax({"u":"./login;jsessionid=D3D5FFE3C2C87F5B7F0149D4C692630A?1-1.IBehaviorListener.0-tabs-tabs~container-tabs-1-link","c":"id2","e":"click","pd":true});;
Wicket.Ajax.ajax({"u":"./login;jsessionid=D3D5FFE3C2C87F5B7F0149D4C692630A?1-1.IBehaviorListener.0-tabs-panel","c":"id3"});;
$('.selectpicker-live-search').selectpicker({liveSearch: true});
Wicket.Event.publish(Wicket.Event.Topic.AJAX_HANDLERS_BOUND);
;});
/*]]>*/
</script>
</head>
<body>
<div id="id5">
<div></div>
</div>
<div id="id6"></div>

<div id="container" class="cls-container">
<div id="bg-overlay" class="bg-img" style="background-image: url(&#039;./crypt.2FUmKDvtSUBS-mozh0BsvyZr6flOY3gO7rtjU05D11y_xuRprQKdBzhBrRjHOeaPZBnwHf6OVkdIyFq5X6V41lDZXObE5pitINegcjaXggUnfJdjPc-nhEa5NWm7LPQKBYRNqX4IOTxDC8QdBf6hXmpWuasBv6pVD392qDYDig0uR09ZJ32A6_8R1uhLFqG4PNnJzQ0tTi0/2FUd0/aPZ3a/V4102&#039;)"></div>
<div class="row">
<div class="col-md-12 text-center pad-top">
<img src="./crypt.2FUmKDvtSUBS-mozh0BsvyZr6flOY3gO7rtjU05D11y_xuRprQKdBzhBrRjHOeaPZBnwHf6OVkdIyFq5X6V41lDZXObE5pitINegcjaXggUnfJdjPc-nhEa5NWm7LPQKXe-lFlOEhgiL-YvC6D9XNICKQ72ffezdDjG5S7B9QIX6tVZoHGm6ccuu2V3R5kGL/2FUd0/Y3gec/2ffc1">
</div>
</div>
<div class="cls-content">
<div class="cls-content-lg" style="width: 350px">
<div id="id7" style="display:none"></div>


<div style="background-color: #f5f5f5;" id="id8">
<div class="tab-base">
<div class="">
<ul class="nav nav-tabs" role="tablist">
<li role="presentation" class="tab0 active"><a href="./login;jsessionid=D3D5FFE3C2C87F5B7F0149D4C692630A?1-1.ILinkListener-tabs-tabs~container-tabs-0-link" id="id1"> <span>Portal Login</span>
</a></li><li role="presentation" class="tab1 last"><a href="./login;jsessionid=D3D5FFE3C2C87F5B7F0149D4C692630A?1-1.ILinkListener-tabs-tabs~container-tabs-1-link" id="id2"> <span>Alternate Login</span>
</a></li>
</ul>
</div>
<div class="tab-content" style="padding: 0px;">
<div role="tabpanel" class="tab-pane active" id="id3"><div><img alt="Loading..." src="./crypt.2FUmKDvtSUBS-mozh0Bsv1iTrtxjbHvYnzXZlIa0izqj3fARct5wLJECjm8sbyuqC0oa2ImsaMfDddqmOGys04pHQIyLY33boRFOA1-aIFxi6olX3tkFH01f8GGNUlU5U4WUlkeK8IDI2majFIyrDF3Fr_SvbgAg/2FUd0/Y33b8/ajFec"/></div></div>
</div>
</div>
</div>


</div>
</div>
<div class="row" style="position: fixed; bottom: 0; background-color: #CCC; color: #000; width: 100%; margin: 0px; padding: 5px; opacity: 0.7">
<div class="col-xs-5 col-md-5 text-left">
&copy;
2021
<a target="_blank" href="http://www.externaldomain.com">External Organization</a>
</div>
<div class="col-xs-2 col-md-2 text-center">

<a href="./login;jsessionid=D3D5FFE3C2C87F5B7F0149D4C692630A?1-1.ILinkListener-languageIcons-0-languageLink">
<img class="lang-flag" src="./crypt.2FUmKDvtSUBS-mozh0BsvyZr6flOY3gO7rtjU05D11y_xuRprQKdBzhBrRjHOeaPXHKPk0m4XFS2XwEsnHlEkfBGZGaBLwz3Nm5V2Y9X0RQFUXsdv6ndqTZJs8cJH5eCb5RR5HWgz5JVRG23eV6RLkY_59hSKftp/2FUd0/Lwz4e/3Nm01">
</a>

<a href="./login;jsessionid=D3D5FFE3C2C87F5B7F0149D4C692630A?1-1.ILinkListener-languageIcons-1-languageLink" class=" active">
<img class="lang-flag" src="./crypt.2FUmKDvtSUBS-mozh0BsvyZr6flOY3gO7rtjU05D11y_xuRprQKdBzhBrRjHOeaPXHKPk0m4XFS2XwEsnHlEkU0jbsLFnHjC6bgPsMosz9n3Z1Gh0A63zgcZmu_a_NHszWHY7LNGyFV5Nn1bar04pBWsgCXM-Xgk/2FUd0/nHjff/C6b9e">
</a>

</div>
<div class="col-xs-5 col-md-5 text-right">
<div id="ida">
<a target="_blank" href="https://portal.extorganization.com/eula/eula_en.pdf">EULA</a>&nbsp;|&nbsp;
<a target="_blank" href="https://www.extorganization.com/en/privacy-notice/">Privacy notice</a>&nbsp;|&nbsp;
<a target="_blank" href="https://www.extorganization.com/en/legal-notice/">Legal notice</a>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
<span id="idb">Portal</span>&nbsp;
<span id="idc">1.04.5 (GA)</span>&nbsp;
<span class="text-muted" id="idd">enterprise-cb8dd5ba</span>&nbsp;&nbsp;
<span class="text-muted" id="ide">2021-02-11 11:30 UTC$</span>
</div>
</div>
</div>
</div>

</body>
</html>% 

curl -L tomcat.mydomain.de:8080/myapplication/login

<!DOCTYPE html>
<html lang="en">
<head><script type="text/javascript" src="./crypt.9QrwV0sXnCFqFyTgHxzbLJLlIUo3diXI_C_lKWOXNxuA4BCsSeoM__ZZC2FGzEbUX6nJtxnhbMXpC89Hl-MxeiUDh8qFHg_uWSNsg4JKc8tQXEJhAc_6gkefA8EZRJELg8tTodyw8IW-7CCCbOGEQPU3iFRNpESR_aaCWHvkHtU/9Qr59/6gk79/A8E9d"></script>
<script type="text/javascript" src="./crypt.9QrwV0sXnCFqFyTgHxzbLB3iZPVNgDDRBh8FbJSW9LGcZ_yBmXH09pQTIn3606lL1Nqot_RIyrBApWI2E83Jp5KSYhTZ5MRLdcjNBYpQur-0jFC7YdhLDVx9hGqhBX9usvmll4FoWn2UrNDkK5WeAt3QLA75rpD8Iglj9PADdV81UWjqgul_-Q/9Qr59/W9La9/2E884/YhT94/SYh21"></script>
<script type="text/javascript" src="./crypt.9QrwV0sXnCFqFyTgHxzbLB3iZPVNgDDRBh8FbJSW9LGcZ_yBmXH09pQTIn3606lL1Nqot_RIyrBApWI2E83Jp5KSYhTZ5MRLdcjNBYpQur_iCjMX2r57U0rDItdKIOFUdTrI5w6n7SQIJbsMrz-YllWWuY35AUo_qODmyn2mImIQEce2fv1iGw/9Qr59/W9La9/2E884/YhT94/SYh21"></script>
<script type="text/javascript" id="wicket-ajax-base-url">
/*<![CDATA[*/
Wicket.Ajax.baseUrl="login?0";
/*]]>*/
</script>

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title id="id4">Portal: Login</title>

<style type="text/css" id="com-acb-portal-web-view-base-center-BasePageNoAuthCenterLayout-0">
/*<![CDATA[*/

a.activeLoginLink {
font-weight: bold;
}
a.inactiveLoginLink {
}

/*]]>*/
</style>
<meta name="msapplication-TileImage" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-square70x70logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-square144x144logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-square150x150logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-wide310x150logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-square310x310logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<script type="text/javascript" src="./bootstrap/js/bootstrap-ver-30CE14A62077E6E8D985FB9BB860DCF6.js"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-ver-EC3BB52A00E176A7181D454DFFAEA219.css" />
<script type="text/javascript" src="./bootstrap/js/jquery.bootstrap.wizard-ver-B6AEB59679B836CA52D422BE8C9B420D.js"></script>
<script type="text/javascript" src="./bootstrap/js/bootstrap-select-ver-8081BF89EB0AD0E3820F6C9044B5B45E.js"></script>
<script type="text/javascript" src="./bootstrap/js/bootstrap-select-defaults-en_US-ver-8262F6DBE0373ABB69CF01C247F569C1.js"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-select-ver-1DDE27FD625567362692B22765E51596.css" />
<script type="text/javascript" src="./crypt.9QrwV0sXnCFqFyTgHxzbLJLlIUo3diXI_C_lKWOXNxuA4BCsSeoM_zGG2EzLZxVcTI-p_qNzeXn1xNWvJ7EvckEE4qk12ttk-_A_6r7dYqlkMc-1Md-cArKJcMFe1lCTYMW0AQxu6-bmTMb7vM9Sv8wM3-eq0e9ZpxgyVIvnUD4jlseMN6VCrjpqs45z9pF3/9Qr59/c-1e6/nUD3c"></script>
<script type="text/javascript" src="./crypt.9QrwV0sXnCFqFyTgHxzbLJLlIUo3diXI_C_lKWOXNxuA4BCsSeoM_zGG2EzLZxVcTI-p_qNzeXn1xNWvJ7EvckEE4qk12ttk-_A_6r7dYqlkMc-1Md-cArKJcMFe1lCTLxm9fgnHXR62nwRnTVhytC-60ZHXUb_foJ53k5boLsfr3a_Jjm2jlBA1YVDjVbkCerAgQ5gl4vw/9Qr59/_fo17/p_q81"></script>
<script type="text/javascript" src="./crypt.9QrwV0sXnCFqFyTgHxzbLJLlIUo3diXI_C_lKWOXNxuA4BCsSeoM_zGG2EzLZxVcTI-p_qNzeXn1xNWvJ7EvckEE4qk12ttk-_A_6r7dYqlkMc-1Md-cArKJcMFe1lCTanrAEpFPt_42FXRY07X2H3XKiHYzarqSakTHJjSU_8grtwgeXmh3hgncXnYVpbZQB_cd43XTHnk/9Qr59/qSade/t_4c8"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-datepicker-ver-8BC13C6760DDA7255AB76AF181BDE900.css" />
<script type="text/javascript" src="./crypt.9QrwV0sXnCFqFyTgHxzbLJLlIUo3diXI_C_lKWOXNxuA4BCsSeoM_zGG2EzLZxVcTI-p_qNzeXn1xNWvJ7EvckEE4qk12ttk-_A_6r7dYqlkMc-1Md-cApNOXQK4BljWgLk9AUkwtlsA1ZtWnMD2vSDw1CM-uNbWV9WteG56g0ZheDLcrdY3S6jxL4u0phQz/9Qr59/c-1e6/6g03e"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-tagsinput-ver-129A15FA2D0E25F7EAFC8EF226733718.css" />
<script type="text/javascript" src="./bootstrap/js/bootstrap-multiselect-ver-5E4089B5BB6B95591588D5B4C24F67E7.js"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-multiselect-ver-9155D983757155EC614713EADD9D18D7.css" />
<script type="text/javascript" src="./nifty/js/nifty-ver-2DCAC023ACC71D2AADEBD37BB617C1FD.js"></script>
<script type="text/javascript" src="./nifty/js/load-dashboard-widgets-ver-CF79ACC0989E770DFBE4F3C9EC142EF3.js"></script>
<link rel="stylesheet" type="text/css" href="./nifty/css/nifty-ver-B41763A5CFA62BB38E5DDDCA1A65EF89.css" />
<link rel="stylesheet" type="text/css" href="./nifty/css/font-iconmoon-ver-0B733CDF91C485E57AF4C6A27CDF4CD9.css" />
<link rel="stylesheet" type="text/css" href="./crypt.9QrwV0sXnCFqFyTgHxzbLJLlIUo3diXI_C_lKWOXNxuA4BCsSeoM_7mShCgqFkbsNyrha3xH0bi4mskEb1-q4yrnOhGlWIxL3sYIbBv-E1KCQkoa5g0W2iVtCzshRbV-j3aflVjpC6OMlLgguD73tXaG65IyDpTMBsAlLD5jFr8/9Qr59/W2i7d/G65f5" />
<link rel="stylesheet" type="text/css" href="./crypt.9QrwV0sXnCFqFyTgHxzbLJLlIUo3diXI_C_lKWOXNxtLjK7hGj19xmp0H9RsI4KihHM0orPKa25MjxEpIEX5l-URmzbfqSnvKSbh48HMTs7rkfi2flamOla38BWkZOdtt6dltniEjPw/9Qr59/Snv0a/Ola13" />
<link rel="stylesheet" type="text/css" href="./crypt.9QrwV0sXnCFqFyTgHxzbLJLlIUo3diXI0BZR7w7CZXXS8g3pvuN4k63CUJlZ5jj4CF3Un076YzhGvp65UkUWJOesNxvDKBwIN85hNSgMd59jnRJ2kK9rUymwlcaAOELNDIjUxaSZOiRHH4yrtA6_z9Wqz7zTE8-BLUnRuSc9w2KDe5HzfaQ4ju27L_7Noazb/9Qr59/RJ289/KDe3b" />
<script type="text/javascript" >
/*<![CDATA[*/
Wicket.Event.add(window, "domready", function(event) { 
$('.alert-wrap.in').remove();;
;
Wicket.Ajax.ajax({"u":"./login;jsessionid=2706F0C2BC60B5C10A46E397C1BF06D9?0-1.IBehaviorListener.0-tabs-tabs~container-tabs-0-link","c":"id1","e":"click","pd":true});;
Wicket.Ajax.ajax({"u":"./login;jsessionid=2706F0C2BC60B5C10A46E397C1BF06D9?0-1.IBehaviorListener.0-tabs-tabs~container-tabs-1-link","c":"id2","e":"click","pd":true});;
Wicket.Ajax.ajax({"u":"./login;jsessionid=2706F0C2BC60B5C10A46E397C1BF06D9?0-1.IBehaviorListener.0-tabs-panel","c":"id3"});;
$('.selectpicker-live-search').selectpicker({liveSearch: true});
Wicket.Event.publish(Wicket.Event.Topic.AJAX_HANDLERS_BOUND);
;});
/*]]>*/
</script>
</head>
<body>
<div id="id5">
<div></div>
</div>
<div id="id6"></div>

<div id="container" class="cls-container">
<div id="bg-overlay" class="bg-img" style="background-image: url(&#039;./crypt.9QrwV0sXnCFqFyTgHxzbLJLlIUo3diXI_C_lKWOXNxuA4BCsSeoM_3LHWFqvEuy6I6QtyOQPToKoPZ3od5h27kYLegY1r_eymQCM_MhDbq-L2CI5IXTN8xiEsrsKKK_qi8ptW_mqWVPWdY6pSABonpJwqC8kNNL-LQZILviVdIZmXipQl8XEEP4kJ0ojvRslynGJHks8Xh0/9Qr59/L-L8a/lIUd7&#039;)"></div>
<div class="row">
<div class="col-md-12 text-center pad-top">
<img src="./crypt.9QrwV0sXnCFqFyTgHxzbLJLlIUo3diXI_C_lKWOXNxuA4BCsSeoM_3LHWFqvEuy6I6QtyOQPToKoPZ3od5h27kYLegY1r_eymQCM_MhDbq-L2CI5IXTN8xiEsrsKKK_qp7CBjGx-vPxZyeb7eVmgprcXJ5p7tl-MwbiKZz6ixOfEphNLK-rqj9jcdM8vmeEM/9Qr59/CI5ee/-Mw16">
</div>
</div>
<div class="cls-content">
<div class="cls-content-lg" style="width: 350px">
<div id="id7" style="display:none"></div>


<div style="background-color: #f5f5f5;" id="id8">
<div class="tab-base">
<div class="">
<ul class="nav nav-tabs" role="tablist">
<li role="presentation" class="tab0 active"><a href="./login;jsessionid=2706F0C2BC60B5C10A46E397C1BF06D9?0-1.ILinkListener-tabs-tabs~container-tabs-0-link" id="id1"> <span>Portal Login</span>
</a></li><li role="presentation" class="tab1 last"><a href="./login;jsessionid=2706F0C2BC60B5C10A46E397C1BF06D9?0-1.ILinkListener-tabs-tabs~container-tabs-1-link" id="id2"> <span>Alternate Login</span>
</a></li>
</ul>
</div>
<div class="tab-content" style="padding: 0px;">
<div role="tabpanel" class="tab-pane active" id="id3"><div><img alt="Loading..." src="./crypt.9QrwV0sXnCFqFyTgHxzbLB3iZPVNgDDRBh8FbJSW9LGcZ_yBmXH09pQTIn3606lL1Nqot_RIyrBApWI2E83Jp4pSCdVF-J77ztA_1iGwp6tM4MaCnV9atNL49hIJ_tteUvd4fgCMhR3bfLZdNJJDJ3FygLnLja96/9Qr59/yTg1b/06lb5"/></div></div>
</div>
</div>
</div>


</div>
</div>
<div class="row" style="position: fixed; bottom: 0; background-color: #CCC; color: #000; width: 100%; margin: 0px; padding: 5px; opacity: 0.7">
<div class="col-xs-5 col-md-5 text-left">
&copy;
2021
<a target="_blank" href="http://www.externaldomain.com">External Organization</a>
</div>
<div class="col-xs-2 col-md-2 text-center">

<a href="./login;jsessionid=2706F0C2BC60B5C10A46E397C1BF06D9?0-1.ILinkListener-languageIcons-0-languageLink">
<img class="lang-flag" src="./crypt.9QrwV0sXnCFqFyTgHxzbLJLlIUo3diXI_C_lKWOXNxuA4BCsSeoM_3LHWFqvEuy6bCHRLsTMEgMav3WUcPusbIfjB42f5bmpP5ewbuUdLrGI8bTteXZ4XdnijJ1YOlZ0K5s2R4ew1-IhSYSpoamtOwavN4Uk0-ST/9Qr59/yTg1b/Euy88">
</a>

<a href="./login;jsessionid=2706F0C2BC60B5C10A46E397C1BF06D9?0-1.ILinkListener-languageIcons-1-languageLink" class=" active">
<img class="lang-flag" src="./crypt.9QrwV0sXnCFqFyTgHxzbLJLlIUo3diXI_C_lKWOXNxuA4BCsSeoM_3LHWFqvEuy6bCHRLsTMEgMav3WUcPusbEevSCGbc2H3F5Mk1LaeyMxMYpk1jChaYTDOf67p6r8UoJCn4h4n8aPQO0Rvb0ieHrqho-BzOfgu/9Qr59/yTg1b/Euy88">
</a>

</div>
<div class="col-xs-5 col-md-5 text-right">
<div id="ida">
<a target="_blank" href="https://portal.extorganization.com/eula/eula_en.pdf">EULA</a>&nbsp;|&nbsp;
<a target="_blank" href="https://www.extorganization.com/en/privacy-notice/">Privacy notice</a>&nbsp;|&nbsp;
<a target="_blank" href="https://www.extorganization.com/en/legal-notice/">Legal notice</a>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
<span id="idb">Portal</span>&nbsp;
<span id="idc">1.04.5 (GA)</span>&nbsp;
<span class="text-muted" id="idd">enterprise-cb8dd5ba</span>&nbsp;&nbsp;
<span class="text-muted" id="ide">2021-02-11 11:30 UTC$</span>
</div>
</div>
</div>
</div>

</body>
</html>%

Thanks as always :slight_smile:

Yes, but it doesn’t alter the URIs. It should be passing them through, unaltered, from the client - so any URI changes will be handled between tomcat and the client.

These show good results for those, but I was more thinking about this:

i.e. the specific resource which fails in your browser when accessing the site via the Caddy proxy - does this also produce a 400 error if you curl it directly from the tomcat server?

1 Like

Ah ok, since the URL is changing after every try, i did a curl -L of the login page again and took the ‘BehaviorListener’ URL of the output and curled this:

curl -L tomcat.mydomain.com:8080/myappliaction/login;jsessionid=03DDEFFED8D23B57F823F1D588E4F781?1-1.IBehaviorListener.0-tabs-panel

<!DOCTYPE html>
<html lang="en">
<head><script type="text/javascript" src="./crypt.BxT3oLHmyfAvbB22ySXIZk3Okb55YVNgXUqRHkd9aa7hLSyzUZPoX7qEBdOA-BcgYbI8OenyjwsNsEUq877n5Ux-U487w5TN8ZJ2g0QsmwHSZmQf1vc4DnumQLXRkZCN1JSJjO9x98_qgp9smf-9mg4a76vduAqm27It3pxbolU/BxT0d/hLSde/Ux-d9"></script>
<script type="text/javascript" src="./crypt.BxT3oLHmyfAvbB22ySXIZlRmkaMHEqmAkwgKaoonJM2qF-XD8c40EXNP2paYS6fYwNUh-dgvN_b3mjfSz4DRnWKSQBTl9jkFV-JHxEbisvzkehOm9cMj1p2Ci1aZS935eq_O8DSJfGEX6eP_ddBvSFG0BA4RSaxPwRAlVi5X0X4hgG-4vRezDw/BxT0d/DSJ7a/MHE19/vzk36/lVi4e"></script>
<script type="text/javascript" src="./crypt.BxT3oLHmyfAvbB22ySXIZlRmkaMHEqmAkwgKaoonJM2qF-XD8c40EXNP2paYS6fYwNUh-dgvN_b3mjfSz4DRnWKSQBTl9jkFV-JHxEbisvySOepIuHUTAhRSvH3xsI5jqKmHhh2DUuXYnko5azzDvEzbw8X3_TyvzRp-yCaIoPJMVRBm14r_ig/BxT0d/h2D09/yvz6c/RnW4a/HxEc4"></script>
<script type="text/javascript" id="wicket-ajax-base-url">
/*<![CDATA[*/
Wicket.Ajax.baseUrl="login?0";
/*]]>*/
</script>

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title id="id4">Portal: Login</title>

<style type="text/css" id="com-tvs-portal-web-view-base-center-BasePageNoAuthCenterLayout-0">
/*<![CDATA[*/

a.activeLoginLink {
font-weight: bold;
}
a.inactiveLoginLink {
}

/*]]>*/
</style>
<meta name="msapplication-TileImage" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-square70x70logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-square144x144logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-square150x150logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-wide310x150logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-square310x310logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<script type="text/javascript" src="./bootstrap/js/bootstrap-ver-30CE14A62077E6E8D985FB9BB860DCF6.js"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-ver-EC3BB52A00E176A7181D454DFFAEA219.css" />
<script type="text/javascript" src="./bootstrap/js/jquery.bootstrap.wizard-ver-B6AEB59679B836CA52D422BE8C9B420D.js"></script>
<script type="text/javascript" src="./bootstrap/js/bootstrap-select-ver-8081BF89EB0AD0E3820F6C9044B5B45E.js"></script>
<script type="text/javascript" src="./bootstrap/js/bootstrap-select-defaults-en_US-ver-8262F6DBE0373ABB69CF01C247F569C1.js"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-select-ver-1DDE27FD625567362692B22765E51596.css" />
<script type="text/javascript" src="./crypt.BxT3oLHmyfAvbB22ySXIZk3Okb55YVNgXUqRHkd9aa7hLSyzUZPoX6aCPRzVKplTOVtjq12Z0MOOadr6mT51PKfSVZacNbeehHVRIY4e_MT70l2Bl4l5rqx2my36WluqEfLOLCtiVab21RMyOFrem_SRFOY2DE7A8t5mJv_IgqXyjBcX87zMGWBqt_OA2e6k/BxT0d/HVR93/VNgfe"></script>
<script type="text/javascript" src="./crypt.BxT3oLHmyfAvbB22ySXIZk3Okb55YVNgXUqRHkd9aa7hLSyzUZPoX6aCPRzVKplTOVtjq12Z0MOOadr6mT51PKfSVZacNbeehHVRIY4e_MT70l2Bl4l5rqx2my36WluqV52ayG4eE2qEPjWGSjQNd4wOnsEHr3OfKwEDJgQlA708XrNIhoSeR-g8YY7Gv7MDB3nLuH2x538/BxT0d/7hL2a/Kpl56"></script>
<script type="text/javascript" src="./crypt.BxT3oLHmyfAvbB22ySXIZk3Okb55YVNgXUqRHkd9aa7hLSyzUZPoX6aCPRzVKplTOVtjq12Z0MOOadr6mT51PKfSVZacNbeehHVRIY4e_MT70l2Bl4l5rqx2my36WluqYHHzh9m6-EZEAoswf75SyD1qcrkMYkroEmJTuRJj0e9s0Yuh5eAq8ouCL1oDyhM8Tryl3xaYfLM/BxT0d/7hL2a/Kpl56"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-datepicker-ver-8BC13C6760DDA7255AB76AF181BDE900.css" />
<script type="text/javascript" src="./crypt.BxT3oLHmyfAvbB22ySXIZk3Okb55YVNgXUqRHkd9aa7hLSyzUZPoX6aCPRzVKplTOVtjq12Z0MOOadr6mT51PKfSVZacNbeehHVRIY4e_MT70l2Bl4l5ro-5a5dE3tBBMAp3Yia67xYCJlorEpGpDUqf87bE2QVpXQWs1JLx0rJx6QAxykXQk04adstwR-D6/BxT0d/HVR93/VNgfe"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-tagsinput-ver-129A15FA2D0E25F7EAFC8EF226733718.css" />
<script type="text/javascript" src="./bootstrap/js/bootstrap-multiselect-ver-5E4089B5BB6B95591588D5B4C24F67E7.js"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-multiselect-ver-9155D983757155EC614713EADD9D18D7.css" />
<script type="text/javascript" src="./nifty/js/nifty-ver-2DCAC023ACC71D2AADEBD37BB617C1FD.js"></script>
<script type="text/javascript" src="./nifty/js/load-dashboard-widgets-ver-CF79ACC0989E770DFBE4F3C9EC142EF3.js"></script>
<link rel="stylesheet" type="text/css" href="./nifty/css/nifty-ver-B41763A5CFA62BB38E5DDDCA1A65EF89.css" />
<link rel="stylesheet" type="text/css" href="./nifty/css/font-iconmoon-ver-0B733CDF91C485E57AF4C6A27CDF4CD9.css" />
<link rel="stylesheet" type="text/css" href="./crypt.BxT3oLHmyfAvbB22ySXIZk3Okb55YVNgXUqRHkd9aa7hLSyzUZPoX97BJZ90mu8s3rLDH72_G7q6tP13UfcpoHGsjFNBnWxZqJ24WDRtt33GX0ENU2sz1W7ZDec2pbTDJ1csTrRf1S1VoOBwFuU04h1cL12UYEvixkIMjQnUpLo/BxT0d/hLSde/HGsf3" />
<link rel="stylesheet" type="text/css" href="./crypt.BxT3oLHmyfAvbB22ySXIZk3Okb55YVNgXUqRHkd9aa5of7AOJuCeU4jikbma56XezZUho99ogUN6yB8k0FypcMeqfABCOS5AgEoCaz7hCFsHLj0vLJYjULtQJUiN-SfmdtSsPmrHfWY/BxT0d/aa534/IZk09" />
<link rel="stylesheet" type="text/css" href="./crypt.BxT3oLHmyfAvbB22ySXIZk3Okb55YVNgHi--y0DrMURedw6F3x3tw6BGJX0lgfrhJ_DtbK3AoijiV3qJFp6EHv8WPE7sSHl44m4e-C7S2RY7-OCqppI4Wlkdh0CnAifHp2Hdk3lVLcYJT5T1lQo0B8zlRavrJIgLl3nE4qnXKN9hdI7-vmWNBFC_KOhdH-ed/BxT0d/m4ead/p2H15" />
<script type="text/javascript" >
/*<![CDATA[*/
Wicket.Event.add(window, "domready", function(event) { 
$('.alert-wrap.in').remove();;
;
Wicket.Ajax.ajax({"u":"./login;jsessionid=04669B24A9084C8B7C9F79C556F78E8F?0-1.IBehaviorListener.0-tabs-tabs~container-tabs-0-link","c":"id1","e":"click","pd":true});;
Wicket.Ajax.ajax({"u":"./login;jsessionid=04669B24A9084C8B7C9F79C556F78E8F?0-1.IBehaviorListener.0-tabs-tabs~container-tabs-1-link","c":"id2","e":"click","pd":true});;
Wicket.Ajax.ajax({"u":"./login;jsessionid=04669B24A9084C8B7C9F79C556F78E8F?0-1.IBehaviorListener.0-tabs-panel","c":"id3"});;
$('.selectpicker-live-search').selectpicker({liveSearch: true});
Wicket.Event.publish(Wicket.Event.Topic.AJAX_HANDLERS_BOUND);
;});
/*]]>*/
</script>
</head>
<body>
<div id="id5">
<div></div>
</div>
<div id="id6"></div>

<div id="container" class="cls-container">
<div id="bg-overlay" class="bg-img" style="background-image: url(&#039;./crypt.BxT3oLHmyfAvbB22ySXIZk3Okb55YVNgXUqRHkd9aa7hLSyzUZPoX3xfH88giaFPwBdr9_S3in8ANjr_qVhbyQbZfFUHDZljP_QpiTABsq4VJnmv7EyyczjZ2U051wLaAxPw_VYNCUbtieJdEOmTi3GC-afP-eLbWUnfRtRozELAoomhvK6TLr-dQJcoIow9cLy3pD19awM/BxT0d/7hL2a/iaF4d&#039;)"></div>
<div class="row">
<div class="col-md-12 text-center pad-top">
<img src="./crypt.BxT3oLHmyfAvbB22ySXIZk3Okb55YVNgXUqRHkd9aa7hLSyzUZPoX3xfH88giaFPwBdr9_S3in8ANjr_qVhbyQbZfFUHDZljP_QpiTABsq4VJnmv7EyyczjZ2U051wLa5SF0PGvo-pbSG1xmP8JXRllAd4hIjn1Ahw9zPkOAXY1N02fkHWY9448IYYUGbJaB/BxT0d/_Qp3d/ljPe1">
</div>
</div>
<div class="cls-content">
<div class="cls-content-lg" style="width: 350px">
<div id="id7" style="display:none"></div>


<div style="background-color: #f5f5f5;" id="id8">
<div class="tab-base">
<div class="">
<ul class="nav nav-tabs" role="tablist">
<li role="presentation" class="tab0 active"><a href="./login;jsessionid=04669B24A9084C8B7C9F79C556F78E8F?0-1.ILinkListener-tabs-tabs~container-tabs-0-link" id="id1"> <span>Alternate Login</span>
</a></li><li role="presentation" class="tab1 last"><a href="./login;jsessionid=04669B24A9084C8B7C9F79C556F78E8F?0-1.ILinkListener-tabs-tabs~container-tabs-1-link" id="id2"> <span>Self Service Login</span>
</a></li>
</ul>
</div>
<div class="tab-content" style="padding: 0px;">
<div role="tabpanel" class="tab-pane active" id="id3"><div><img alt="Loading..." src="./crypt.BxT3oLHmyfAvbB22ySXIZlRmkaMHEqmAkwgKaoonJM2qF-XD8c40EXNP2paYS6fYwNUh-dgvN_b3mjfSz4DRnc_GXcyVuY3zpDO_76sCR1g5jsJF9R6kz-o0SfaAFuzWwnClbzfhkg173nYzdVQlgRDbTH2RKAAp/BxT0d/DO_d3/Clb88"/></div></div>
</div>
</div>
</div>


</div>
</div>
<div class="row" style="position: fixed; bottom: 0; background-color: #CCC; color: #000; width: 100%; margin: 0px; padding: 5px; opacity: 0.7">
<div class="col-xs-5 col-md-5 text-left">
&copy;
2021
<a target="_blank" href="http://www.externaldomain.com">External Company</a>
</div>
<div class="col-xs-2 col-md-2 text-center">

<a href="./login;jsessionid=04669B24A9084C8B7C9F79C556F78E8F?0-1.ILinkListener-languageIcons-0-languageLink">
<img class="lang-flag" src="./crypt.BxT3oLHmyfAvbB22ySXIZk3Okb55YVNgXUqRHkd9aa7hLSyzUZPoX3xfH88giaFPFOtw5h2hXwhG58GfWkCt-1kVYfS8kXNuyKOC7AgIQPpFJPItqS6Gqp3Erz4GCe7TZjZ4NjMm2B4xARbiFS4w6liGek6vgfpn/BxT0d/KOC1e/OC762">
</a>

<a href="./login;jsessionid=04669B24A9084C8B7C9F79C556F78E8F?0-1.ILinkListener-languageIcons-1-languageLink" class=" active">
<img class="lang-flag" src="./crypt.BxT3oLHmyfAvbB22ySXIZk3Okb55YVNgXUqRHkd9aa7hLSyzUZPoX3xfH88giaFPFOtw5h2hXwhG58GfWkCt-62nzsNvlaYzhFR8TMam-5Equ8OGA825iEKgtKzbxfzh2JxkPIgwSSVOQS8hxZyFPFPgcBXeX4Wu/BxT0d/FR87b/3Ok2e">
</a>

</div>
<div class="col-xs-5 col-md-5 text-right">
<div id="ida">
<a target="_blank" href="https://portal.extorganization.com/eula/eula_en.pdf">EULA</a>&nbsp;|&nbsp;
<a target="_blank" href="https://www.extorganization.com/en/privacy-notice/">Privacy notice</a>&nbsp;|&nbsp;
<a target="_blank" href="https://www.extorganization.com/en/legal-notice/">Legal notice</a>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
<span id="idb">Portal</span>&nbsp;
<span id="idc">1.04.5 (GA)</span>&nbsp;
<span class="text-muted" id="idd">enterprise-cb8dd5ba</span>&nbsp;&nbsp;
<span class="text-muted" id="ide">2021-02-11 11:30 UTC$</span>
</div>
</div>
</div>
</div>

</body>
</html>%

Can you compare the output of

curl -kIL tomcat.mydomain.com:8080/myappliaction/login;jsessionid=03DDEFFED8D23B57F823F1D588E4F781?1-1.IBehaviorListener.0-tabs-panel

With the output of

curl -kIL tomcat.mydomain.com/myappliaction/login;jsessionid=03DDEFFED8D23B57F823F1D588E4F781?1-1.IBehaviorListener.0-tabs-panel

I would like to see what kind of redirection and header detail we get between Caddy and Tomcat.

I would like to see what kind of redirection and header detail we get between Caddy and Tomcat.

Here we go, first is via Caddy, second is tomcat directly:

curl -kIL tomcat.mydomain.de/myapplication/login;jsessionid=48F98C5F28351AEFF17CA0A64F4D091E?1-1.IBehaviorListener.0-tabs-panel

HTTP/1.1 308 Permanent Redirect
Connection: close
Location: https://tomcat.mydomain.de/myapplication/login
Server: Caddy
Date: Fri, 19 Feb 2021 17:42:55 GMT

HTTP/2 302 
cache-control: no-cache, no-store
date: Fri, 19 Feb 2021 17:42:55 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: ./login;jsessionid=8EDE838A7DE22CA0D7785BF465840E3D?0
pragma: no-cache
server: Caddy
set-cookie: JSESSIONID=8EDE838A7DE22CA0D7785BF465840E3D; Max-Age=86400; Expires=Sat, 20-Feb-2021 17:42:55 GMT; Path=/myapplication; HttpOnly

HTTP/2 200 
cache-control: no-cache, no-store
content-type: text/html;charset=UTF-8
date: Fri, 19 Feb 2021 17:42:55 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: Caddy
curl -kIL tomcat.mydomain.de:8080/myapplication/login;jsessionid=E2E57A30A06C9765F88648725FB5B6F7?1-1.IBehaviorListener.0-tabs-panel

HTTP/1.1 302 
Set-Cookie: JSESSIONID=03C39972FAAE2712025B4311C500849B; Max-Age=86400; Expires=Sat, 20-Feb-2021 17:45:04 GMT; Path=/myapplication; HttpOnly
Date: Fri, 19 Feb 2021 17:45:04 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, no-store
Location: ./login;jsessionid=03C39972FAAE2712025B4311C500849B?0
Transfer-Encoding: chunked

HTTP/1.1 200 
Date: Fri, 19 Feb 2021 17:45:04 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, no-store
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked

After everything i do i try to search the words that i don’t know in the community. This time it was Transfer-Encoding: chunked. I don’t know if this might be a problem, but there are a lot of posts with this part in it and i’m not able to find anything useful for me.