Tomcat --> reverse_proxy Caddy. http=ok, https=login form missing

Those should go on their own lines, before and after the config/logs.

Thank you, seems like i misunderstood the hint

What do you see in Caddy’s logs?

{"level":"info","ts":1613368487.4460082,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":"caddyfile"}
{"level":"info","ts":1613368487.45388,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["[::1]:2019","127.0.0.1:2019","localhost:2019"]}
{"level":"info","ts":1613368487.4554117,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc0002e0000"}
{"level":"info","ts":1613368487.4561076,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
{"level":"info","ts":1613368487.456145,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
{"level":"info","ts":1613368487.458584,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["tomcat.mydomain.com"]}
{"level":"info","ts":1613368487.4631104,"logger":"tls","msg":"cleaned up storage units"}
{"level":"info","ts":1613368487.5425212,"msg":"autosaved config","file":"/config/caddy/autosave.json"}
{"level":"info","ts":1613368487.542556,"msg":"serving initial configuration"}

Nothing special i guess, when i access the site it’s not throwing any errors there.

And what are in the tomcat logs?

2021-02-15 06:07:16.941 WARN  o.a.j.x.d.i.d.DOMReference:530 - The input bytes to the digest operation are null. This may be due to a problem with the Reference URI or its Transforms.
2021-02-15 06:07:16.950 WARN  o.a.j.x.d.i.d.DOMReference:530 - The input bytes to the digest operation are null. This may be due to a problem with the Reference URI or its Transforms.
2021-02-15 06:07:18.439 INFO  o.e.c.EhcacheManager:305 - Cache 'org.apache.cxf.ws.security.tokenstore.TokenStore-786309127' created in EhcacheManager.
2021-02-15 06:07:18.541 WARN  o.a.j.x.d.i.d.DOMReference:530 - The input bytes to the digest operation are null. This may be due to a problem with the Reference URI or its Transforms.
2021-02-15 06:07:18.543 WARN  o.a.j.x.d.i.d.DOMReference:530 - The input bytes to the digest operation are null. This may be due to a problem with the Reference URI or its Transforms.

Thats the only part that’s different from our old Apache setup. So my interpretation would be, that maybe no information came back from the client because caddy tries to redirect it to the wrong URI?

Since there was no more input i increased the logging level to debug. There are two errors. I guess someone who is smart enough probably knows the solution now, at least i hope so

{"level":"error","ts":1613584511.467625,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_addr":"76.45.32.493:65011","proto":"HTTP/2.0","method":"GET","host":"tomcat.mydomain.com","uri":"/","headers":{"Cookie":["adminer_sid=a1b3d168a271ab11179727eaa484b63e; adminer_key=1f8d555e6a1ca0afb1c19b042fbff9a3; adminer_permanent=; adminer_version=4.8.0; _ga=GA1.2.1330864484.1612980505"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.3 Safari/605.1.15"],"Accept-Language":["de-de"],"Accept-Encoding":["gzip, deflate, br"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","proto_mutual":true,"server_name":"tomcat.mydomain.com"}},"common_log":"76.45.32.493 - - [17/Feb/2021:17:55:11 +0000] \"GET / HTTP/2.0\" 404 682","duration":0.181860157,"size":682,"status":404,"resp_headers":{"Server":["Caddy"],"Date":["Wed, 17 Feb 2021 17:55:11 GMT"],"Content-Type":["text/html;charset=utf-8"],"Content-Language":["en"],"Content-Length":["682"]}}

{"level":"error","ts":1613584521.32824,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_addr":"76.45.32.493:65015","proto":"HTTP/2.0","method":"GET","host":"tomcat.mydomain.com","uri":"/myapplication/login?1-1.IBehaviorListener.0-tabs-panel&_=1613584521084","headers":{"Wicket-Ajax-Baseurl":["login?1"],"Accept-Language":["de-de"],"Wicket-Ajax":["true"],"Referer":["https://tomcat.mydomain.com/myapplication/login?1"],"Accept-Encoding":["gzip, deflate, br"],"Accept":["application/xml, text/xml, */*; q=0.01"],"Cookie":["JSESSIONID=A7AE40AB0CE5D8DCC431566EDF839795; adminer_sid=a1b3d168a271ab11179727eaa484b63e; adminer_key=1f8d555e6a1ca0afb1c19b042fbff9a3; adminer_permanent=; adminer_version=4.8.0; _ga=GA1.2.1330864484.1612980505"],"X-Requested-With":["XMLHttpRequest"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.3 Safari/605.1.15"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","proto_mutual":true,"server_name":"tomcat.mydomain.com"}},"common_log":"76.45.32.493 - - [17/Feb/2021:17:55:21 +0000] \"GET /myapplication/login?1-1.IBehaviorListener.0-tabs-panel&_=1613584521084 HTTP/2.0\" 400 821","duration":0.119464039,"size":821,"status":400,"resp_headers":{"Date":["Wed, 17 Feb 2021 17:55:21 GMT"],"Content-Type":["text/html;charset=utf-8"],"Content-Language":["en"],"Content-Length":["821"],"Server":["Caddy"]}}

With your configuration above, Caddy can neither generate status 400 messages nor redirect URIs.

Its only configured behaviour is to redirect HTTP->S and proxy the request upstream.

Can you curl the specific resource that’s producing 400 errors in your browser, but directly from tomcat?

With your configuration above, Caddy can neither generate status 400 messages nor redirect URIs.

I don’t thought it needed to redirect any URL. I join at tomcat.mydomain.com/myapplication and other paths like tomcat.mydomain.com/myapplication/installationcheckare working aswell. Just /myapplication/login?1 login?2 etc are not working. I just don’t know where to redirect the path /login to, maybe to tomcat:8080/myapplication/login, but do i need to know every following url for this?

Anyway, i did the curls for you, i hope its right, one time the base url /myapplication and one time /myapplication/login where the error happens. Edit: I think they are both the same/similar, because of the curl -l, but without -l i got no output in both cases.

curl -L tomcat.mydomain.de:8080/myapplication

<!DOCTYPE html>
<html lang="en">
<head><script type="text/javascript" src="./crypt.2FUmKDvtSUBS-mozh0BsvyZr6flOY3gO7rtjU05D11y_xuRprQKdB0tcf1F2JraIiisy8GfXPLEwyPomWHlOMa3vYDVaCXohSwf9YAkB8P6NLxBT7W15nj2oJYlqN7zFYTH1W6ecQv_IYmzesvBZc4SEWLA8MFjcComQGr6hy44/2FUd0/05D5e/yZr40"></script>
<script type="text/javascript" src="./crypt.2FUmKDvtSUBS-mozh0Bsv1iTrtxjbHvYnzXZlIa0izqj3fARct5wLJECjm8sbyuqC0oa2ImsaMfDddqmOGys05EEZLZcE9JFsrsCZ1KpAwQfn6xN4rxtK9Eqn88Nx7c3i6jJX6q_vyDPhtYLM_cy3PGDdVgqt5Y0BQxDRVg4MNtjpnrqA-1RLw/2FUd0/ct5f3/Eqnc1/Cjm35/6q_43"></script>
<script type="text/javascript" src="./crypt.2FUmKDvtSUBS-mozh0Bsv1iTrtxjbHvYnzXZlIa0izqj3fARct5wLJECjm8sbyuqC0oa2ImsaMfDddqmOGys05EEZLZcE9JFsrsCZ1KpAwQhnJss_uwlqYjeZBrq1GYA-wT8AqYi3oxe0wObANyn7YVSN9OsHQR1DEKH00wBIVekoWKCCQePTg/2FUd0/ct5f3/jeZbe/Ynzd4/sCZ29"></script>
<script type="text/javascript" id="wicket-ajax-base-url">
/*<![CDATA[*/
Wicket.Ajax.baseUrl="login?1";
/*]]>*/
</script>

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title id="id4">Portal: Login</title>

<style type="text/css" id="com-acb-portal-web-view-base-center-BasePageNoAuthCenterLayout-0">
/*<![CDATA[*/

a.activeLoginLink {
font-weight: bold;
}
a.inactiveLoginLink {
}

/*]]>*/
</style>
<meta name="msapplication-TileImage" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-square70x70logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-square144x144logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-square150x150logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-wide310x150logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-square310x310logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<script type="text/javascript" src="./bootstrap/js/bootstrap-ver-30CE14A62077E6E8D985FB9BB860DCF6.js"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-ver-EC3BB52A00E176A7181D454DFFAEA219.css" />
<script type="text/javascript" src="./bootstrap/js/jquery.bootstrap.wizard-ver-B6AEB59679B836CA52D422BE8C9B420D.js"></script>
<script type="text/javascript" src="./bootstrap/js/bootstrap-select-ver-8081BF89EB0AD0E3820F6C9044B5B45E.js"></script>
<script type="text/javascript" src="./bootstrap/js/bootstrap-select-defaults-en_US-ver-8262F6DBE0373ABB69CF01C247F569C1.js"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-select-ver-1DDE27FD625567362692B22765E51596.css" />
<script type="text/javascript" src="./crypt.2FUmKDvtSUBS-mozh0BsvyZr6flOY3gO7rtjU05D11y_xuRprQKdB3f-WbiIv1tq3jGV4Lahtyxi32lEGBb8F3eRMEHDILam5a3l523PyQ3TlqRrAWTpu25NofUF03qM64XMNO30pZ9QlczaW2GY3ZGBcbifuu8W2OJ30jVUYOb2Fz3psIdS2KRp56EmcfKr/2FUd0/Y3gec/ifu67"></script>
<script type="text/javascript" src="./crypt.2FUmKDvtSUBS-mozh0BsvyZr6flOY3gO7rtjU05D11y_xuRprQKdB3f-WbiIv1tq3jGV4Lahtyxi32lEGBb8F3eRMEHDILam5a3l523PyQ3TlqRrAWTpu25NofUF03qMXp6ixy0lL2B8f-ygk5R8PMKVNfLObuFcbQmVY2SP3I8DRcXSpGZCcTUOYD-4DxYgam0T-exKiRQ/2FUd0/tq315/ZCc79"></script>
<script type="text/javascript" src="./crypt.2FUmKDvtSUBS-mozh0BsvyZr6flOY3gO7rtjU05D11y_xuRprQKdB3f-WbiIv1tq3jGV4Lahtyxi32lEGBb8F3eRMEHDILam5a3l523PyQ3TlqRrAWTpu25NofUF03qMVy9thSM4o4Ex8zvVrouApmAu_8-U7lArz6eYozkd5crZThUYWhy91-gm7kqFzy4Ca7uq4XdYm_s/2FUd0/tq315/y91f0"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-datepicker-ver-8BC13C6760DDA7255AB76AF181BDE900.css" />
<script type="text/javascript" src="./crypt.2FUmKDvtSUBS-mozh0BsvyZr6flOY3gO7rtjU05D11y_xuRprQKdB3f-WbiIv1tq3jGV4Lahtyxi32lEGBb8F3eRMEHDILam5a3l523PyQ3TlqRrAWTpu3_WJEzqWPsGkxvTaP-zNFOVwNy2OrOyg8ZK70ei72pMI4QI_Xw3HOaTiggZ5LJqMeytZv5seRU6/2FUd0/Y3gec/ei732"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-tagsinput-ver-129A15FA2D0E25F7EAFC8EF226733718.css" />
<script type="text/javascript" src="./bootstrap/js/bootstrap-multiselect-ver-5E4089B5BB6B95591588D5B4C24F67E7.js"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-multiselect-ver-9155D983757155EC614713EADD9D18D7.css" />
<script type="text/javascript" src="./nifty/js/nifty-ver-2DCAC023ACC71D2AADEBD37BB617C1FD.js"></script>
<script type="text/javascript" src="./nifty/js/load-dashboard-widgets-ver-CF79ACC0989E770DFBE4F3C9EC142EF3.js"></script>
<link rel="stylesheet" type="text/css" href="./nifty/css/nifty-ver-B41763A5CFA62BB38E5DDDCA1A65EF89.css" />
<link rel="stylesheet" type="text/css" href="./nifty/css/font-iconmoon-ver-0B733CDF91C485E57AF4C6A27CDF4CD9.css" />
<link rel="stylesheet" type="text/css" href="./crypt.2FUmKDvtSUBS-mozh0BsvyZr6flOY3gO7rtjU05D11y_xuRprQKdBx_iQyPxVel8-G3I6m_cT_NSylKPswEJjL5iMf6js-dpWJkMICTJaJ55iiRdyulIv7Q9MMQVdUshq7z4cGqV78ArhquUXFFkpNb4HNDhz23FKoQeWrSRWFc/2FUd0/05D5e/yZr40" />
<link rel="stylesheet" type="text/css" href="./crypt.2FUmKDvtSUBS-mozh0BsvyZr6flOY3gO7rtjU05D11x2LfsvAwXhRKcBqWYCYkW0nd3mx2HMJ2Hc9rGVGqtKewD-uus_UJFPIBjhwuJrZni1R50LzZfv6IRQcR1bvjf-kLxOHkztFs4/2FUd0/-moee/ozhcc" />
<link rel="stylesheet" type="text/css" href="./crypt.2FUmKDvtSUBS-mozh0BsvyZr6flOY3gOcAzcvEXhbKo_HTOjMcOzQE4aMCSFWL8m99_fdvS1pprSYp7k1xDuG6PmbCjpRmZS99j5eWbM-KmIi4f6Ym-35jRJ-yi5qqm4Z3_pU6WLuBIyuezdJ2YNy_MWYlke1YkF9YXrLLgqK0efDqpDH73e7Jecj41ffAVM/2FUd0/Y3gec/ke136" />
<script type="text/javascript" >
/*<![CDATA[*/
Wicket.Event.add(window, "domready", function(event) { 
$('.alert-wrap.in').remove();;
;
Wicket.Ajax.ajax({"u":"./login;jsessionid=D3D5FFE3C2C87F5B7F0149D4C692630A?1-1.IBehaviorListener.0-tabs-tabs~container-tabs-0-link","c":"id1","e":"click","pd":true});;
Wicket.Ajax.ajax({"u":"./login;jsessionid=D3D5FFE3C2C87F5B7F0149D4C692630A?1-1.IBehaviorListener.0-tabs-tabs~container-tabs-1-link","c":"id2","e":"click","pd":true});;
Wicket.Ajax.ajax({"u":"./login;jsessionid=D3D5FFE3C2C87F5B7F0149D4C692630A?1-1.IBehaviorListener.0-tabs-panel","c":"id3"});;
$('.selectpicker-live-search').selectpicker({liveSearch: true});
Wicket.Event.publish(Wicket.Event.Topic.AJAX_HANDLERS_BOUND);
;});
/*]]>*/
</script>
</head>
<body>
<div id="id5">
<div></div>
</div>
<div id="id6"></div>

<div id="container" class="cls-container">
<div id="bg-overlay" class="bg-img" style="background-image: url(&#039;./crypt.2FUmKDvtSUBS-mozh0BsvyZr6flOY3gO7rtjU05D11y_xuRprQKdBzhBrRjHOeaPZBnwHf6OVkdIyFq5X6V41lDZXObE5pitINegcjaXggUnfJdjPc-nhEa5NWm7LPQKBYRNqX4IOTxDC8QdBf6hXmpWuasBv6pVD392qDYDig0uR09ZJ32A6_8R1uhLFqG4PNnJzQ0tTi0/2FUd0/aPZ3a/V4102&#039;)"></div>
<div class="row">
<div class="col-md-12 text-center pad-top">
<img src="./crypt.2FUmKDvtSUBS-mozh0BsvyZr6flOY3gO7rtjU05D11y_xuRprQKdBzhBrRjHOeaPZBnwHf6OVkdIyFq5X6V41lDZXObE5pitINegcjaXggUnfJdjPc-nhEa5NWm7LPQKXe-lFlOEhgiL-YvC6D9XNICKQ72ffezdDjG5S7B9QIX6tVZoHGm6ccuu2V3R5kGL/2FUd0/Y3gec/2ffc1">
</div>
</div>
<div class="cls-content">
<div class="cls-content-lg" style="width: 350px">
<div id="id7" style="display:none"></div>


<div style="background-color: #f5f5f5;" id="id8">
<div class="tab-base">
<div class="">
<ul class="nav nav-tabs" role="tablist">
<li role="presentation" class="tab0 active"><a href="./login;jsessionid=D3D5FFE3C2C87F5B7F0149D4C692630A?1-1.ILinkListener-tabs-tabs~container-tabs-0-link" id="id1"> <span>Portal Login</span>
</a></li><li role="presentation" class="tab1 last"><a href="./login;jsessionid=D3D5FFE3C2C87F5B7F0149D4C692630A?1-1.ILinkListener-tabs-tabs~container-tabs-1-link" id="id2"> <span>Alternate Login</span>
</a></li>
</ul>
</div>
<div class="tab-content" style="padding: 0px;">
<div role="tabpanel" class="tab-pane active" id="id3"><div><img alt="Loading..." src="./crypt.2FUmKDvtSUBS-mozh0Bsv1iTrtxjbHvYnzXZlIa0izqj3fARct5wLJECjm8sbyuqC0oa2ImsaMfDddqmOGys04pHQIyLY33boRFOA1-aIFxi6olX3tkFH01f8GGNUlU5U4WUlkeK8IDI2majFIyrDF3Fr_SvbgAg/2FUd0/Y33b8/ajFec"/></div></div>
</div>
</div>
</div>


</div>
</div>
<div class="row" style="position: fixed; bottom: 0; background-color: #CCC; color: #000; width: 100%; margin: 0px; padding: 5px; opacity: 0.7">
<div class="col-xs-5 col-md-5 text-left">
&copy;
2021
<a target="_blank" href="http://www.externaldomain.com">External Organization</a>
</div>
<div class="col-xs-2 col-md-2 text-center">

<a href="./login;jsessionid=D3D5FFE3C2C87F5B7F0149D4C692630A?1-1.ILinkListener-languageIcons-0-languageLink">
<img class="lang-flag" src="./crypt.2FUmKDvtSUBS-mozh0BsvyZr6flOY3gO7rtjU05D11y_xuRprQKdBzhBrRjHOeaPXHKPk0m4XFS2XwEsnHlEkfBGZGaBLwz3Nm5V2Y9X0RQFUXsdv6ndqTZJs8cJH5eCb5RR5HWgz5JVRG23eV6RLkY_59hSKftp/2FUd0/Lwz4e/3Nm01">
</a>

<a href="./login;jsessionid=D3D5FFE3C2C87F5B7F0149D4C692630A?1-1.ILinkListener-languageIcons-1-languageLink" class=" active">
<img class="lang-flag" src="./crypt.2FUmKDvtSUBS-mozh0BsvyZr6flOY3gO7rtjU05D11y_xuRprQKdBzhBrRjHOeaPXHKPk0m4XFS2XwEsnHlEkU0jbsLFnHjC6bgPsMosz9n3Z1Gh0A63zgcZmu_a_NHszWHY7LNGyFV5Nn1bar04pBWsgCXM-Xgk/2FUd0/nHjff/C6b9e">
</a>

</div>
<div class="col-xs-5 col-md-5 text-right">
<div id="ida">
<a target="_blank" href="https://portal.extorganization.com/eula/eula_en.pdf">EULA</a>&nbsp;|&nbsp;
<a target="_blank" href="https://www.extorganization.com/en/privacy-notice/">Privacy notice</a>&nbsp;|&nbsp;
<a target="_blank" href="https://www.extorganization.com/en/legal-notice/">Legal notice</a>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
<span id="idb">Portal</span>&nbsp;
<span id="idc">1.04.5 (GA)</span>&nbsp;
<span class="text-muted" id="idd">enterprise-cb8dd5ba</span>&nbsp;&nbsp;
<span class="text-muted" id="ide">2021-02-11 11:30 UTC$</span>
</div>
</div>
</div>
</div>

</body>
</html>% 

curl -L tomcat.mydomain.de:8080/myapplication/login

<!DOCTYPE html>
<html lang="en">
<head><script type="text/javascript" src="./crypt.9QrwV0sXnCFqFyTgHxzbLJLlIUo3diXI_C_lKWOXNxuA4BCsSeoM__ZZC2FGzEbUX6nJtxnhbMXpC89Hl-MxeiUDh8qFHg_uWSNsg4JKc8tQXEJhAc_6gkefA8EZRJELg8tTodyw8IW-7CCCbOGEQPU3iFRNpESR_aaCWHvkHtU/9Qr59/6gk79/A8E9d"></script>
<script type="text/javascript" src="./crypt.9QrwV0sXnCFqFyTgHxzbLB3iZPVNgDDRBh8FbJSW9LGcZ_yBmXH09pQTIn3606lL1Nqot_RIyrBApWI2E83Jp5KSYhTZ5MRLdcjNBYpQur-0jFC7YdhLDVx9hGqhBX9usvmll4FoWn2UrNDkK5WeAt3QLA75rpD8Iglj9PADdV81UWjqgul_-Q/9Qr59/W9La9/2E884/YhT94/SYh21"></script>
<script type="text/javascript" src="./crypt.9QrwV0sXnCFqFyTgHxzbLB3iZPVNgDDRBh8FbJSW9LGcZ_yBmXH09pQTIn3606lL1Nqot_RIyrBApWI2E83Jp5KSYhTZ5MRLdcjNBYpQur_iCjMX2r57U0rDItdKIOFUdTrI5w6n7SQIJbsMrz-YllWWuY35AUo_qODmyn2mImIQEce2fv1iGw/9Qr59/W9La9/2E884/YhT94/SYh21"></script>
<script type="text/javascript" id="wicket-ajax-base-url">
/*<![CDATA[*/
Wicket.Ajax.baseUrl="login?0";
/*]]>*/
</script>

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title id="id4">Portal: Login</title>

<style type="text/css" id="com-acb-portal-web-view-base-center-BasePageNoAuthCenterLayout-0">
/*<![CDATA[*/

a.activeLoginLink {
font-weight: bold;
}
a.inactiveLoginLink {
}

/*]]>*/
</style>
<meta name="msapplication-TileImage" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-square70x70logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-square144x144logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-square150x150logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-wide310x150logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-square310x310logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<script type="text/javascript" src="./bootstrap/js/bootstrap-ver-30CE14A62077E6E8D985FB9BB860DCF6.js"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-ver-EC3BB52A00E176A7181D454DFFAEA219.css" />
<script type="text/javascript" src="./bootstrap/js/jquery.bootstrap.wizard-ver-B6AEB59679B836CA52D422BE8C9B420D.js"></script>
<script type="text/javascript" src="./bootstrap/js/bootstrap-select-ver-8081BF89EB0AD0E3820F6C9044B5B45E.js"></script>
<script type="text/javascript" src="./bootstrap/js/bootstrap-select-defaults-en_US-ver-8262F6DBE0373ABB69CF01C247F569C1.js"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-select-ver-1DDE27FD625567362692B22765E51596.css" />
<script type="text/javascript" src="./crypt.9QrwV0sXnCFqFyTgHxzbLJLlIUo3diXI_C_lKWOXNxuA4BCsSeoM_zGG2EzLZxVcTI-p_qNzeXn1xNWvJ7EvckEE4qk12ttk-_A_6r7dYqlkMc-1Md-cArKJcMFe1lCTYMW0AQxu6-bmTMb7vM9Sv8wM3-eq0e9ZpxgyVIvnUD4jlseMN6VCrjpqs45z9pF3/9Qr59/c-1e6/nUD3c"></script>
<script type="text/javascript" src="./crypt.9QrwV0sXnCFqFyTgHxzbLJLlIUo3diXI_C_lKWOXNxuA4BCsSeoM_zGG2EzLZxVcTI-p_qNzeXn1xNWvJ7EvckEE4qk12ttk-_A_6r7dYqlkMc-1Md-cArKJcMFe1lCTLxm9fgnHXR62nwRnTVhytC-60ZHXUb_foJ53k5boLsfr3a_Jjm2jlBA1YVDjVbkCerAgQ5gl4vw/9Qr59/_fo17/p_q81"></script>
<script type="text/javascript" src="./crypt.9QrwV0sXnCFqFyTgHxzbLJLlIUo3diXI_C_lKWOXNxuA4BCsSeoM_zGG2EzLZxVcTI-p_qNzeXn1xNWvJ7EvckEE4qk12ttk-_A_6r7dYqlkMc-1Md-cArKJcMFe1lCTanrAEpFPt_42FXRY07X2H3XKiHYzarqSakTHJjSU_8grtwgeXmh3hgncXnYVpbZQB_cd43XTHnk/9Qr59/qSade/t_4c8"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-datepicker-ver-8BC13C6760DDA7255AB76AF181BDE900.css" />
<script type="text/javascript" src="./crypt.9QrwV0sXnCFqFyTgHxzbLJLlIUo3diXI_C_lKWOXNxuA4BCsSeoM_zGG2EzLZxVcTI-p_qNzeXn1xNWvJ7EvckEE4qk12ttk-_A_6r7dYqlkMc-1Md-cApNOXQK4BljWgLk9AUkwtlsA1ZtWnMD2vSDw1CM-uNbWV9WteG56g0ZheDLcrdY3S6jxL4u0phQz/9Qr59/c-1e6/6g03e"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-tagsinput-ver-129A15FA2D0E25F7EAFC8EF226733718.css" />
<script type="text/javascript" src="./bootstrap/js/bootstrap-multiselect-ver-5E4089B5BB6B95591588D5B4C24F67E7.js"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-multiselect-ver-9155D983757155EC614713EADD9D18D7.css" />
<script type="text/javascript" src="./nifty/js/nifty-ver-2DCAC023ACC71D2AADEBD37BB617C1FD.js"></script>
<script type="text/javascript" src="./nifty/js/load-dashboard-widgets-ver-CF79ACC0989E770DFBE4F3C9EC142EF3.js"></script>
<link rel="stylesheet" type="text/css" href="./nifty/css/nifty-ver-B41763A5CFA62BB38E5DDDCA1A65EF89.css" />
<link rel="stylesheet" type="text/css" href="./nifty/css/font-iconmoon-ver-0B733CDF91C485E57AF4C6A27CDF4CD9.css" />
<link rel="stylesheet" type="text/css" href="./crypt.9QrwV0sXnCFqFyTgHxzbLJLlIUo3diXI_C_lKWOXNxuA4BCsSeoM_7mShCgqFkbsNyrha3xH0bi4mskEb1-q4yrnOhGlWIxL3sYIbBv-E1KCQkoa5g0W2iVtCzshRbV-j3aflVjpC6OMlLgguD73tXaG65IyDpTMBsAlLD5jFr8/9Qr59/W2i7d/G65f5" />
<link rel="stylesheet" type="text/css" href="./crypt.9QrwV0sXnCFqFyTgHxzbLJLlIUo3diXI_C_lKWOXNxtLjK7hGj19xmp0H9RsI4KihHM0orPKa25MjxEpIEX5l-URmzbfqSnvKSbh48HMTs7rkfi2flamOla38BWkZOdtt6dltniEjPw/9Qr59/Snv0a/Ola13" />
<link rel="stylesheet" type="text/css" href="./crypt.9QrwV0sXnCFqFyTgHxzbLJLlIUo3diXI0BZR7w7CZXXS8g3pvuN4k63CUJlZ5jj4CF3Un076YzhGvp65UkUWJOesNxvDKBwIN85hNSgMd59jnRJ2kK9rUymwlcaAOELNDIjUxaSZOiRHH4yrtA6_z9Wqz7zTE8-BLUnRuSc9w2KDe5HzfaQ4ju27L_7Noazb/9Qr59/RJ289/KDe3b" />
<script type="text/javascript" >
/*<![CDATA[*/
Wicket.Event.add(window, "domready", function(event) { 
$('.alert-wrap.in').remove();;
;
Wicket.Ajax.ajax({"u":"./login;jsessionid=2706F0C2BC60B5C10A46E397C1BF06D9?0-1.IBehaviorListener.0-tabs-tabs~container-tabs-0-link","c":"id1","e":"click","pd":true});;
Wicket.Ajax.ajax({"u":"./login;jsessionid=2706F0C2BC60B5C10A46E397C1BF06D9?0-1.IBehaviorListener.0-tabs-tabs~container-tabs-1-link","c":"id2","e":"click","pd":true});;
Wicket.Ajax.ajax({"u":"./login;jsessionid=2706F0C2BC60B5C10A46E397C1BF06D9?0-1.IBehaviorListener.0-tabs-panel","c":"id3"});;
$('.selectpicker-live-search').selectpicker({liveSearch: true});
Wicket.Event.publish(Wicket.Event.Topic.AJAX_HANDLERS_BOUND);
;});
/*]]>*/
</script>
</head>
<body>
<div id="id5">
<div></div>
</div>
<div id="id6"></div>

<div id="container" class="cls-container">
<div id="bg-overlay" class="bg-img" style="background-image: url(&#039;./crypt.9QrwV0sXnCFqFyTgHxzbLJLlIUo3diXI_C_lKWOXNxuA4BCsSeoM_3LHWFqvEuy6I6QtyOQPToKoPZ3od5h27kYLegY1r_eymQCM_MhDbq-L2CI5IXTN8xiEsrsKKK_qi8ptW_mqWVPWdY6pSABonpJwqC8kNNL-LQZILviVdIZmXipQl8XEEP4kJ0ojvRslynGJHks8Xh0/9Qr59/L-L8a/lIUd7&#039;)"></div>
<div class="row">
<div class="col-md-12 text-center pad-top">
<img src="./crypt.9QrwV0sXnCFqFyTgHxzbLJLlIUo3diXI_C_lKWOXNxuA4BCsSeoM_3LHWFqvEuy6I6QtyOQPToKoPZ3od5h27kYLegY1r_eymQCM_MhDbq-L2CI5IXTN8xiEsrsKKK_qp7CBjGx-vPxZyeb7eVmgprcXJ5p7tl-MwbiKZz6ixOfEphNLK-rqj9jcdM8vmeEM/9Qr59/CI5ee/-Mw16">
</div>
</div>
<div class="cls-content">
<div class="cls-content-lg" style="width: 350px">
<div id="id7" style="display:none"></div>


<div style="background-color: #f5f5f5;" id="id8">
<div class="tab-base">
<div class="">
<ul class="nav nav-tabs" role="tablist">
<li role="presentation" class="tab0 active"><a href="./login;jsessionid=2706F0C2BC60B5C10A46E397C1BF06D9?0-1.ILinkListener-tabs-tabs~container-tabs-0-link" id="id1"> <span>Portal Login</span>
</a></li><li role="presentation" class="tab1 last"><a href="./login;jsessionid=2706F0C2BC60B5C10A46E397C1BF06D9?0-1.ILinkListener-tabs-tabs~container-tabs-1-link" id="id2"> <span>Alternate Login</span>
</a></li>
</ul>
</div>
<div class="tab-content" style="padding: 0px;">
<div role="tabpanel" class="tab-pane active" id="id3"><div><img alt="Loading..." src="./crypt.9QrwV0sXnCFqFyTgHxzbLB3iZPVNgDDRBh8FbJSW9LGcZ_yBmXH09pQTIn3606lL1Nqot_RIyrBApWI2E83Jp4pSCdVF-J77ztA_1iGwp6tM4MaCnV9atNL49hIJ_tteUvd4fgCMhR3bfLZdNJJDJ3FygLnLja96/9Qr59/yTg1b/06lb5"/></div></div>
</div>
</div>
</div>


</div>
</div>
<div class="row" style="position: fixed; bottom: 0; background-color: #CCC; color: #000; width: 100%; margin: 0px; padding: 5px; opacity: 0.7">
<div class="col-xs-5 col-md-5 text-left">
&copy;
2021
<a target="_blank" href="http://www.externaldomain.com">External Organization</a>
</div>
<div class="col-xs-2 col-md-2 text-center">

<a href="./login;jsessionid=2706F0C2BC60B5C10A46E397C1BF06D9?0-1.ILinkListener-languageIcons-0-languageLink">
<img class="lang-flag" src="./crypt.9QrwV0sXnCFqFyTgHxzbLJLlIUo3diXI_C_lKWOXNxuA4BCsSeoM_3LHWFqvEuy6bCHRLsTMEgMav3WUcPusbIfjB42f5bmpP5ewbuUdLrGI8bTteXZ4XdnijJ1YOlZ0K5s2R4ew1-IhSYSpoamtOwavN4Uk0-ST/9Qr59/yTg1b/Euy88">
</a>

<a href="./login;jsessionid=2706F0C2BC60B5C10A46E397C1BF06D9?0-1.ILinkListener-languageIcons-1-languageLink" class=" active">
<img class="lang-flag" src="./crypt.9QrwV0sXnCFqFyTgHxzbLJLlIUo3diXI_C_lKWOXNxuA4BCsSeoM_3LHWFqvEuy6bCHRLsTMEgMav3WUcPusbEevSCGbc2H3F5Mk1LaeyMxMYpk1jChaYTDOf67p6r8UoJCn4h4n8aPQO0Rvb0ieHrqho-BzOfgu/9Qr59/yTg1b/Euy88">
</a>

</div>
<div class="col-xs-5 col-md-5 text-right">
<div id="ida">
<a target="_blank" href="https://portal.extorganization.com/eula/eula_en.pdf">EULA</a>&nbsp;|&nbsp;
<a target="_blank" href="https://www.extorganization.com/en/privacy-notice/">Privacy notice</a>&nbsp;|&nbsp;
<a target="_blank" href="https://www.extorganization.com/en/legal-notice/">Legal notice</a>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
<span id="idb">Portal</span>&nbsp;
<span id="idc">1.04.5 (GA)</span>&nbsp;
<span class="text-muted" id="idd">enterprise-cb8dd5ba</span>&nbsp;&nbsp;
<span class="text-muted" id="ide">2021-02-11 11:30 UTC$</span>
</div>
</div>
</div>
</div>

</body>
</html>%

Thanks as always

Yes, but it doesn’t alter the URIs. It should be passing them through, unaltered, from the client - so any URI changes will be handled between tomcat and the client.

These show good results for those, but I was more thinking about this:

i.e. the specific resource which fails in your browser when accessing the site via the Caddy proxy - does this also produce a 400 error if you curl it directly from the tomcat server?

Ah ok, since the URL is changing after every try, i did a curl -L of the login page again and took the ‘BehaviorListener’ URL of the output and curled this:

curl -L tomcat.mydomain.com:8080/myappliaction/login;jsessionid=03DDEFFED8D23B57F823F1D588E4F781?1-1.IBehaviorListener.0-tabs-panel

<!DOCTYPE html>
<html lang="en">
<head><script type="text/javascript" src="./crypt.BxT3oLHmyfAvbB22ySXIZk3Okb55YVNgXUqRHkd9aa7hLSyzUZPoX7qEBdOA-BcgYbI8OenyjwsNsEUq877n5Ux-U487w5TN8ZJ2g0QsmwHSZmQf1vc4DnumQLXRkZCN1JSJjO9x98_qgp9smf-9mg4a76vduAqm27It3pxbolU/BxT0d/hLSde/Ux-d9"></script>
<script type="text/javascript" src="./crypt.BxT3oLHmyfAvbB22ySXIZlRmkaMHEqmAkwgKaoonJM2qF-XD8c40EXNP2paYS6fYwNUh-dgvN_b3mjfSz4DRnWKSQBTl9jkFV-JHxEbisvzkehOm9cMj1p2Ci1aZS935eq_O8DSJfGEX6eP_ddBvSFG0BA4RSaxPwRAlVi5X0X4hgG-4vRezDw/BxT0d/DSJ7a/MHE19/vzk36/lVi4e"></script>
<script type="text/javascript" src="./crypt.BxT3oLHmyfAvbB22ySXIZlRmkaMHEqmAkwgKaoonJM2qF-XD8c40EXNP2paYS6fYwNUh-dgvN_b3mjfSz4DRnWKSQBTl9jkFV-JHxEbisvySOepIuHUTAhRSvH3xsI5jqKmHhh2DUuXYnko5azzDvEzbw8X3_TyvzRp-yCaIoPJMVRBm14r_ig/BxT0d/h2D09/yvz6c/RnW4a/HxEc4"></script>
<script type="text/javascript" id="wicket-ajax-base-url">
/*<![CDATA[*/
Wicket.Ajax.baseUrl="login?0";
/*]]>*/
</script>

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title id="id4">Portal: Login</title>

<style type="text/css" id="com-tvs-portal-web-view-base-center-BasePageNoAuthCenterLayout-0">
/*<![CDATA[*/

a.activeLoginLink {
font-weight: bold;
}
a.inactiveLoginLink {
}

/*]]>*/
</style>
<meta name="msapplication-TileImage" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-square70x70logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-square144x144logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-square150x150logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-wide310x150logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<meta name="msapplication-square310x310logo" content="./apple-touch-icon-180x180-precomposed-ver-F533E442C655A5B17C520949CCAC3F5A.png" />
<script type="text/javascript" src="./bootstrap/js/bootstrap-ver-30CE14A62077E6E8D985FB9BB860DCF6.js"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-ver-EC3BB52A00E176A7181D454DFFAEA219.css" />
<script type="text/javascript" src="./bootstrap/js/jquery.bootstrap.wizard-ver-B6AEB59679B836CA52D422BE8C9B420D.js"></script>
<script type="text/javascript" src="./bootstrap/js/bootstrap-select-ver-8081BF89EB0AD0E3820F6C9044B5B45E.js"></script>
<script type="text/javascript" src="./bootstrap/js/bootstrap-select-defaults-en_US-ver-8262F6DBE0373ABB69CF01C247F569C1.js"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-select-ver-1DDE27FD625567362692B22765E51596.css" />
<script type="text/javascript" src="./crypt.BxT3oLHmyfAvbB22ySXIZk3Okb55YVNgXUqRHkd9aa7hLSyzUZPoX6aCPRzVKplTOVtjq12Z0MOOadr6mT51PKfSVZacNbeehHVRIY4e_MT70l2Bl4l5rqx2my36WluqEfLOLCtiVab21RMyOFrem_SRFOY2DE7A8t5mJv_IgqXyjBcX87zMGWBqt_OA2e6k/BxT0d/HVR93/VNgfe"></script>
<script type="text/javascript" src="./crypt.BxT3oLHmyfAvbB22ySXIZk3Okb55YVNgXUqRHkd9aa7hLSyzUZPoX6aCPRzVKplTOVtjq12Z0MOOadr6mT51PKfSVZacNbeehHVRIY4e_MT70l2Bl4l5rqx2my36WluqV52ayG4eE2qEPjWGSjQNd4wOnsEHr3OfKwEDJgQlA708XrNIhoSeR-g8YY7Gv7MDB3nLuH2x538/BxT0d/7hL2a/Kpl56"></script>
<script type="text/javascript" src="./crypt.BxT3oLHmyfAvbB22ySXIZk3Okb55YVNgXUqRHkd9aa7hLSyzUZPoX6aCPRzVKplTOVtjq12Z0MOOadr6mT51PKfSVZacNbeehHVRIY4e_MT70l2Bl4l5rqx2my36WluqYHHzh9m6-EZEAoswf75SyD1qcrkMYkroEmJTuRJj0e9s0Yuh5eAq8ouCL1oDyhM8Tryl3xaYfLM/BxT0d/7hL2a/Kpl56"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-datepicker-ver-8BC13C6760DDA7255AB76AF181BDE900.css" />
<script type="text/javascript" src="./crypt.BxT3oLHmyfAvbB22ySXIZk3Okb55YVNgXUqRHkd9aa7hLSyzUZPoX6aCPRzVKplTOVtjq12Z0MOOadr6mT51PKfSVZacNbeehHVRIY4e_MT70l2Bl4l5ro-5a5dE3tBBMAp3Yia67xYCJlorEpGpDUqf87bE2QVpXQWs1JLx0rJx6QAxykXQk04adstwR-D6/BxT0d/HVR93/VNgfe"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-tagsinput-ver-129A15FA2D0E25F7EAFC8EF226733718.css" />
<script type="text/javascript" src="./bootstrap/js/bootstrap-multiselect-ver-5E4089B5BB6B95591588D5B4C24F67E7.js"></script>
<link rel="stylesheet" type="text/css" href="./bootstrap/css/bootstrap-multiselect-ver-9155D983757155EC614713EADD9D18D7.css" />
<script type="text/javascript" src="./nifty/js/nifty-ver-2DCAC023ACC71D2AADEBD37BB617C1FD.js"></script>
<script type="text/javascript" src="./nifty/js/load-dashboard-widgets-ver-CF79ACC0989E770DFBE4F3C9EC142EF3.js"></script>
<link rel="stylesheet" type="text/css" href="./nifty/css/nifty-ver-B41763A5CFA62BB38E5DDDCA1A65EF89.css" />
<link rel="stylesheet" type="text/css" href="./nifty/css/font-iconmoon-ver-0B733CDF91C485E57AF4C6A27CDF4CD9.css" />
<link rel="stylesheet" type="text/css" href="./crypt.BxT3oLHmyfAvbB22ySXIZk3Okb55YVNgXUqRHkd9aa7hLSyzUZPoX97BJZ90mu8s3rLDH72_G7q6tP13UfcpoHGsjFNBnWxZqJ24WDRtt33GX0ENU2sz1W7ZDec2pbTDJ1csTrRf1S1VoOBwFuU04h1cL12UYEvixkIMjQnUpLo/BxT0d/hLSde/HGsf3" />
<link rel="stylesheet" type="text/css" href="./crypt.BxT3oLHmyfAvbB22ySXIZk3Okb55YVNgXUqRHkd9aa5of7AOJuCeU4jikbma56XezZUho99ogUN6yB8k0FypcMeqfABCOS5AgEoCaz7hCFsHLj0vLJYjULtQJUiN-SfmdtSsPmrHfWY/BxT0d/aa534/IZk09" />
<link rel="stylesheet" type="text/css" href="./crypt.BxT3oLHmyfAvbB22ySXIZk3Okb55YVNgHi--y0DrMURedw6F3x3tw6BGJX0lgfrhJ_DtbK3AoijiV3qJFp6EHv8WPE7sSHl44m4e-C7S2RY7-OCqppI4Wlkdh0CnAifHp2Hdk3lVLcYJT5T1lQo0B8zlRavrJIgLl3nE4qnXKN9hdI7-vmWNBFC_KOhdH-ed/BxT0d/m4ead/p2H15" />
<script type="text/javascript" >
/*<![CDATA[*/
Wicket.Event.add(window, "domready", function(event) { 
$('.alert-wrap.in').remove();;
;
Wicket.Ajax.ajax({"u":"./login;jsessionid=04669B24A9084C8B7C9F79C556F78E8F?0-1.IBehaviorListener.0-tabs-tabs~container-tabs-0-link","c":"id1","e":"click","pd":true});;
Wicket.Ajax.ajax({"u":"./login;jsessionid=04669B24A9084C8B7C9F79C556F78E8F?0-1.IBehaviorListener.0-tabs-tabs~container-tabs-1-link","c":"id2","e":"click","pd":true});;
Wicket.Ajax.ajax({"u":"./login;jsessionid=04669B24A9084C8B7C9F79C556F78E8F?0-1.IBehaviorListener.0-tabs-panel","c":"id3"});;
$('.selectpicker-live-search').selectpicker({liveSearch: true});
Wicket.Event.publish(Wicket.Event.Topic.AJAX_HANDLERS_BOUND);
;});
/*]]>*/
</script>
</head>
<body>
<div id="id5">
<div></div>
</div>
<div id="id6"></div>

<div id="container" class="cls-container">
<div id="bg-overlay" class="bg-img" style="background-image: url(&#039;./crypt.BxT3oLHmyfAvbB22ySXIZk3Okb55YVNgXUqRHkd9aa7hLSyzUZPoX3xfH88giaFPwBdr9_S3in8ANjr_qVhbyQbZfFUHDZljP_QpiTABsq4VJnmv7EyyczjZ2U051wLaAxPw_VYNCUbtieJdEOmTi3GC-afP-eLbWUnfRtRozELAoomhvK6TLr-dQJcoIow9cLy3pD19awM/BxT0d/7hL2a/iaF4d&#039;)"></div>
<div class="row">
<div class="col-md-12 text-center pad-top">
<img src="./crypt.BxT3oLHmyfAvbB22ySXIZk3Okb55YVNgXUqRHkd9aa7hLSyzUZPoX3xfH88giaFPwBdr9_S3in8ANjr_qVhbyQbZfFUHDZljP_QpiTABsq4VJnmv7EyyczjZ2U051wLa5SF0PGvo-pbSG1xmP8JXRllAd4hIjn1Ahw9zPkOAXY1N02fkHWY9448IYYUGbJaB/BxT0d/_Qp3d/ljPe1">
</div>
</div>
<div class="cls-content">
<div class="cls-content-lg" style="width: 350px">
<div id="id7" style="display:none"></div>


<div style="background-color: #f5f5f5;" id="id8">
<div class="tab-base">
<div class="">
<ul class="nav nav-tabs" role="tablist">
<li role="presentation" class="tab0 active"><a href="./login;jsessionid=04669B24A9084C8B7C9F79C556F78E8F?0-1.ILinkListener-tabs-tabs~container-tabs-0-link" id="id1"> <span>Alternate Login</span>
</a></li><li role="presentation" class="tab1 last"><a href="./login;jsessionid=04669B24A9084C8B7C9F79C556F78E8F?0-1.ILinkListener-tabs-tabs~container-tabs-1-link" id="id2"> <span>Self Service Login</span>
</a></li>
</ul>
</div>
<div class="tab-content" style="padding: 0px;">
<div role="tabpanel" class="tab-pane active" id="id3"><div><img alt="Loading..." src="./crypt.BxT3oLHmyfAvbB22ySXIZlRmkaMHEqmAkwgKaoonJM2qF-XD8c40EXNP2paYS6fYwNUh-dgvN_b3mjfSz4DRnc_GXcyVuY3zpDO_76sCR1g5jsJF9R6kz-o0SfaAFuzWwnClbzfhkg173nYzdVQlgRDbTH2RKAAp/BxT0d/DO_d3/Clb88"/></div></div>
</div>
</div>
</div>


</div>
</div>
<div class="row" style="position: fixed; bottom: 0; background-color: #CCC; color: #000; width: 100%; margin: 0px; padding: 5px; opacity: 0.7">
<div class="col-xs-5 col-md-5 text-left">
&copy;
2021
<a target="_blank" href="http://www.externaldomain.com">External Company</a>
</div>
<div class="col-xs-2 col-md-2 text-center">

<a href="./login;jsessionid=04669B24A9084C8B7C9F79C556F78E8F?0-1.ILinkListener-languageIcons-0-languageLink">
<img class="lang-flag" src="./crypt.BxT3oLHmyfAvbB22ySXIZk3Okb55YVNgXUqRHkd9aa7hLSyzUZPoX3xfH88giaFPFOtw5h2hXwhG58GfWkCt-1kVYfS8kXNuyKOC7AgIQPpFJPItqS6Gqp3Erz4GCe7TZjZ4NjMm2B4xARbiFS4w6liGek6vgfpn/BxT0d/KOC1e/OC762">
</a>

<a href="./login;jsessionid=04669B24A9084C8B7C9F79C556F78E8F?0-1.ILinkListener-languageIcons-1-languageLink" class=" active">
<img class="lang-flag" src="./crypt.BxT3oLHmyfAvbB22ySXIZk3Okb55YVNgXUqRHkd9aa7hLSyzUZPoX3xfH88giaFPFOtw5h2hXwhG58GfWkCt-62nzsNvlaYzhFR8TMam-5Equ8OGA825iEKgtKzbxfzh2JxkPIgwSSVOQS8hxZyFPFPgcBXeX4Wu/BxT0d/FR87b/3Ok2e">
</a>

</div>
<div class="col-xs-5 col-md-5 text-right">
<div id="ida">
<a target="_blank" href="https://portal.extorganization.com/eula/eula_en.pdf">EULA</a>&nbsp;|&nbsp;
<a target="_blank" href="https://www.extorganization.com/en/privacy-notice/">Privacy notice</a>&nbsp;|&nbsp;
<a target="_blank" href="https://www.extorganization.com/en/legal-notice/">Legal notice</a>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
<span id="idb">Portal</span>&nbsp;
<span id="idc">1.04.5 (GA)</span>&nbsp;
<span class="text-muted" id="idd">enterprise-cb8dd5ba</span>&nbsp;&nbsp;
<span class="text-muted" id="ide">2021-02-11 11:30 UTC$</span>
</div>
</div>
</div>
</div>

</body>
</html>%

Can you compare the output of

curl -kIL tomcat.mydomain.com:8080/myappliaction/login;jsessionid=03DDEFFED8D23B57F823F1D588E4F781?1-1.IBehaviorListener.0-tabs-panel

With the output of

curl -kIL tomcat.mydomain.com/myappliaction/login;jsessionid=03DDEFFED8D23B57F823F1D588E4F781?1-1.IBehaviorListener.0-tabs-panel

I would like to see what kind of redirection and header detail we get between Caddy and Tomcat.

I would like to see what kind of redirection and header detail we get between Caddy and Tomcat.

Here we go, first is via Caddy, second is tomcat directly:

curl -kIL tomcat.mydomain.de/myapplication/login;jsessionid=48F98C5F28351AEFF17CA0A64F4D091E?1-1.IBehaviorListener.0-tabs-panel

HTTP/1.1 308 Permanent Redirect
Connection: close
Location: https://tomcat.mydomain.de/myapplication/login
Server: Caddy
Date: Fri, 19 Feb 2021 17:42:55 GMT

HTTP/2 302 
cache-control: no-cache, no-store
date: Fri, 19 Feb 2021 17:42:55 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: ./login;jsessionid=8EDE838A7DE22CA0D7785BF465840E3D?0
pragma: no-cache
server: Caddy
set-cookie: JSESSIONID=8EDE838A7DE22CA0D7785BF465840E3D; Max-Age=86400; Expires=Sat, 20-Feb-2021 17:42:55 GMT; Path=/myapplication; HttpOnly

HTTP/2 200 
cache-control: no-cache, no-store
content-type: text/html;charset=UTF-8
date: Fri, 19 Feb 2021 17:42:55 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: Caddy

curl -kIL tomcat.mydomain.de:8080/myapplication/login;jsessionid=E2E57A30A06C9765F88648725FB5B6F7?1-1.IBehaviorListener.0-tabs-panel

HTTP/1.1 302 
Set-Cookie: JSESSIONID=03C39972FAAE2712025B4311C500849B; Max-Age=86400; Expires=Sat, 20-Feb-2021 17:45:04 GMT; Path=/myapplication; HttpOnly
Date: Fri, 19 Feb 2021 17:45:04 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, no-store
Location: ./login;jsessionid=03C39972FAAE2712025B4311C500849B?0
Transfer-Encoding: chunked

HTTP/1.1 200 
Date: Fri, 19 Feb 2021 17:45:04 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, no-store
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked

After everything i do i try to search the words that i don’t know in the community. This time it was Transfer-Encoding: chunked. I don’t know if this might be a problem, but there are a lot of posts with this part in it and i’m not able to find anything useful for me.

Based on a lot of posts regarding tomcat i tried a bunch of things like

tomcat.mydomain.com {
  matcher a {
     path /
   }
   rewrite match:a /myapplication
   reverse_proxy match:a tomcat:8080 {
   }
}

Caddy aborting with “unrecognized directive”

tomcat.mydomain.com {
    redir / /myapplication/ 308
    reverse_proxy tomcat:8080 {
        flush_interval -1
    }
}

And a bunch of others. I’m realy not understanding why reverse proxiing http is working, but https is not. I thought https i terminating at Caddy’s side and after that everything is send to tomcat.

And from previous testing i think that sometimes the browser tries to access files like ./login;jsessionid=03C39972FAAE2712025B4311C500849B?0 and probably is looking for that at tomcat.mydomain.com/.login;jsessionid… instead of tomcat.mydomain.com/myapplication/.login;jsessionid… right? Is there something that can add /mydomain to requests on the base URL? I thought the first one could to this. I fount it for a Guacamole issue, there the requester wanted to get rid off the path, i want to add it i guess.

I hope somebody can have another look at this, i really would love to use Caddy for all of my services, just this one is not working

Regards

This is an old example from early v2 betas, before we switched to using @ as the matcher prefix, which is why you got that error.

Honestly, those curl responses from a while back actually look good; there wasn’t any 400 there for the login form, they both gave you text/html.

You wrote in your first post that:

tomcat:8080/myapplication → worked
tomcat.mydomain.com/myapplication → worked
tomcat.mydomain.com/ → doesn’t work

Is the issue still just the login form not working?

Does tomcat:8080/ (that is, without /myapplication) work? Or is it broken the same way it is through Caddy without the path?

If you’re just looking for a way to have Caddy enforce that path prefix, you can do it with a simple matcher and redirect:

@unprefixed not path /myapplication*
redir @unprefixed /myapplication{uri}

# Or you can use this to handle it transparently to the client:
# rewrite @unprefixed /myapplication{uri}

tomcat:8080/myapplication → worked
tomcat.mydomain.com/myapplication → worked
tomcat.mydomain.com/ → doesn’t work

Is the issue still just the login form not working?

When i access tomcat directly via tomcat.mydomain.com:8080/myapplication the website is loading and working as expected.

When i use caddy and define just http://tomcat.mydomain.com reverse_proxy tomcat:8080, i can access http://tomcat.mydomain.com/myapplication and it’s woking:

Screenshot 2021-03-16 at 07.20.30@2x694×606 16 KB

When is switch from http to https or the domain only in the caddyfile and access https://tomcat.mydomain.com/myapplication it’s showing the whole site, but the login form is missing:

Screenshot 2021-03-16 at 07.23.21@2x706×328 14 KB

@unprefixed not path /myapplication*
redir @unprefixed /myapplication{uri}

Or you can use this to handle it transparently to the client:
rewrite @unprefixed /myapplication{uri}

I tried both, but nothing changed. even if i go to https:///tomcat.mydomain.com i would expect it’s redirecting to /myapplication, but it just.says “It works!” as always when accessing the base URL without a path. I’ll try to remove this default page from tomcat, but it’s working with https and directly aswell, so i don’t think this might be the issue.

Hmm. If you tried the redir approach and it did nothing at all, that kinda smells like the config change didn’t stick.

Try the redir approach again, but add this line to the Caddyfile inside the tomcat.mydomain.com site block:

header My-Test-Header test

Then curl -kIL tomcat.mydomain.com/ again and look for the header.

As requested:

Caddyfile (hope thats right):

https://tomcat.mydomain.com {
    @unprefixed not path /myapplication*
    redir @unprefixed /myapplication{uri}
    header My-Test-Header test
    reverse_proxy tomcat:8080 {
    }
}

And the curl output:

~ % curl -kIL tomcat.mydomain.com

HTTP/1.1 308 Permanent Redirect
Connection: close
Location: https://tomcat.mydomain.com/
Server: Caddy
Date: Tue, 16 Mar 2021 08:25:51 GMT

HTTP/2 302 
location: /myapplication/
my-test-header: test
server: Caddy
date: Tue, 16 Mar 2021 08:25:51 GMT

HTTP/2 302 
cache-control: no-cache, no-store
date: Tue, 16 Mar 2021 08:25:55 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: ./login;jsessionid=22B07C4079DE46178EA0D87F00ED50BB
my-test-header: test
pragma: no-cache
server: Caddy
set-cookie: JSESSIONID=22B07C4079DE46178EA0D87F00ED50BB; Max-Age=86400; Expires=Wed, 17-Mar-2021 08:25:55 GMT; Path=/myapplication; HttpOnly

HTTP/2 302 
cache-control: no-cache, no-store
date: Tue, 16 Mar 2021 08:25:58 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: ./login;jsessionid=22B07C4079DE46178EA0D87F00ED50BB?1
my-test-header: test
pragma: no-cache
server: Caddy

HTTP/2 200 
cache-control: no-cache, no-store
content-type: text/html;charset=UTF-8
date: Tue, 16 Mar 2021 08:25:58 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
my-test-header: test
pragma: no-cache
server: Caddy

That looks good!

First request redirects to HTTPS (handled by Caddy’s Automatic HTTPS before the website configuration really does anything). Second is handled by the @unprefixed redirect and sends you to the /myapplication/ URI.

You can pull the header directive out now.

So we have:

• A working Caddy server, that
• Redirects to HTTPS and enforces the application prefix, and
• Appears to respond properly to a HTTPS request for the login form (seen here: Tomcat --> reverse_proxy Caddy. http=ok, https=login form missing - #10 by EdFred)

But we ostensibly still don’t have the login form appearing in the browser itself.

Can you load the page in a browser with the developer tools enabled? Maybe the browser itself will explain why it isn’t properly showing that content.

It’s just on thing that isnt able to load, here is the direct access via tomcat:8080

Screenshot 2021-03-19 at 10.55.21@2x652×600 51.1 KB

Screenshot 2021-03-19 at 10.53.55@2x2144×762 122 KB

Screenshot 2021-03-19 at 10.54.35@2x2146×786 145 KB

And via caddy:443

Screenshot 2021-03-19 at 10.55.47@2x660×516 40.4 KB

Screenshot 2021-03-19 at 10.53.36@2x2010×524 51.7 KB

Screenshot 2021-03-19 at 10.53.44@2x2012×194 27.9 KB

So it provides a tomcat error site. But since it’s working with Caddy in http mode, it must be something that Caddy is doing different this time. It should receive some xml file, but instead it’s getting an http error. Maybe any headers that are lost in between, or something else, usually webservers are something that i set up by manuals, 99% of the time i’m doing other things for living so this is nothing were i’m good at

The only difference I could envision is Caddy passing X-Forwarded-Proto: https on HTTPS requests and Tomcat not being happy about it. Which is frankly insane, but

Maybe try adding header_up -X-Forwarded-Proto as an option to reverse_proxy to tell Caddy not to do that. Bit of a long-shot.

Nope

Since you say it might be a tomcat issue i got the access logs, and with that i guess i got all logs that are possible to get

Tomcat via port 8080, site is loading correctly

74.42.543.234 - - [19/Mar/2021:13:49:58 +0000] "GET / HTTP/1.1" 404 682
74.42.543.234 - - [19/Mar/2021:13:50:00 +0000] "GET /myapplication HTTP/1.1" 302 -
74.42.543.234 - - [19/Mar/2021:13:50:02 +0000] "GET /myapplication/login?3 HTTP/1.1" 302 -
74.42.543.234 - - [19/Mar/2021:13:50:02 +0000] "GET /myapplication/ HTTP/1.1" 302 -
74.42.543.234 - - [19/Mar/2021:13:50:05 +0000] "GET /myapplication/login HTTP/1.1" 302 -
74.42.543.234 - - [19/Mar/2021:13:50:05 +0000] "GET /myapplication/login?3 HTTP/1.1" 200 9445
74.42.543.234 - - [19/Mar/2021:13:50:05 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0V9dqbwUg7vKPk1-BnyUFrU_Z9bwuXmsJdoydn2o016T_UyLBC-_4QfagjY058eZf4uM7uNnwjJxWebwrJZ9vyHa61bFfsAhyf8m__gKVKq5Rwk3hc6edU1QNmmOTyI18q1SJjbFKs46Duw64VNoQYzbpv9DaPWTgA/pVwe0/Qfa3b/Ha67c/Webd3/uXm59 HTTP/1.1" 200 4072
74.42.543.234 - - [19/Mar/2021:13:50:05 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0V9dqbwUg7vKPk1-BnyUFrU_Z9bwuXmsJdoydn2o016T_UyLBC-_4QfagjY058eZf4uM7uNnwjJxWebwrJZ9vyFLFbEf7UwLaiGvEkRZI4T7m7cWE4iZ7D-ggDtfFKSX-a7S-ZpFkvPy6wo8Va1md6WjMYSmRdE4HQ/pVwe0/Qfa3b/FLF6f/CSq00/HQpc6 HTTP/1.1" 200 43539
74.42.543.234 - - [19/Mar/2021:13:50:05 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ9dHukYJzcOZxi-EgK9DMR8-vATAq4LqyptJuU5zgaPM6o5Frg7evLO2xAYmbVFhjgdXEFNYxck8KM1B8xGFmvq3PMDl5MNOGUtkuaZQ2hL5grJu5i5Dn5coprUDBzDnIa8h4RwkJyTDikOw_EVfG-A/pVwe0/xAYef/Utk5b HTTP/1.1" 200 517
74.42.543.234 - - [19/Mar/2021:13:50:05 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ9dHukYJzcOZxi-EgK9DMR8-vATAq4LqyptJuU5zgaPM6o5Frg7evLO2xAYmbVFhjgdXEFNYxck81-TYzFAaSb5D2b6kagV9_HSFRXo478wKucFQ3kKtcjFaPVIj8KIf_vVKT4R7ebf_/pVwe0/47834/K9D15 HTTP/1.1" 200 34149
74.42.543.234 - - [19/Mar/2021:13:50:05 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ9dHukYJzcOZxi-EgK9DMR8-vATAq4LqyptJuU5zgaPM6o5Frg7evLO2xAYmbVFhjgdXEFNYxck8rgW3Ni65KSJQv_9RcGVl6_pXzXqkY0F6zirxWJXKEUz5I8jVdTv8_sTNrBAjne0wmkZF2nG9-sY/pVwe0/xAYef/_pXd6 HTTP/1.1" 200 518
74.42.543.234 - - [19/Mar/2021:13:50:05 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ19Wg9oh5rnIF9AEiYsJAwsyRYHXxpotnlmh06S5gGeYquhcTxJpw6q3txeCBAj4hrtwP8HpeMCpog67KNR5DN46Sz8lQh0whDHd3ZpBp8KDezX0onwVuI0/pVwe0/6JDff/j4hcd HTTP/1.1" 200 85513
74.42.543.234 - - [19/Mar/2021:13:50:05 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjYZ_OCV7DcvvJWDSGLpq5yUPXLW--XBd0oAdiHqFlMhXmYhK7EGOG_k9S_yWSrJ2IGshN3C1eDF8Cl1SzvWZhIkEV_2_QtJg6xV2Md_om3ybuaOsLR0EHv7boMtmEzJCjQ0IARjxJSuBlGMnOqYaQN857QxC7Th0ha/pVwe0/zJCc2/_OCb2 HTTP/1.1" 200 649
74.42.543.234 - - [19/Mar/2021:13:50:05 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSouloN4Ew4Y9VL0jVpQuxuQWrHbvlBtWDASj-357nVrHXwzd8xenYL0cG9ipbTvVvzZ045GCxFGSJRO3mzGlwra30It6F7knp8c/pVwe0/knp1c/cG9b4 HTTP/1.1" 200 4117
74.42.543.234 - - [19/Mar/2021:13:50:05 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ9dHukYJzcOZxi-EgK9DMR8-vATAq4LqyptJuU5zgaPM6o5Frg7evLO2xAYmbVFhjuMYm5wnJMwwoCp1EDj_jfzHvq0e3y7umluBLi9_MfqFNNNhT3i3nc36HSGUPQi1Yx4v0bQpmSxo/pVwe0/_Mf77/KSo06 HTTP/1.1" 200 8802
74.42.543.234 - - [19/Mar/2021:13:50:05 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ1Lbtxr0EM_xqcJFe-AIFcqsJFnaxRLpGH_CspBVidHSq8xc3mF-Gty_4jsxtKkUyyhSXrjKM77MU6gtaZBnGaLtNWP_N5tVCOWDXeek42CKdsYY66hJ5Iw/pVwe0/6JDff/kUy8e HTTP/1.1" 200 2287
74.42.543.234 - - [19/Mar/2021:13:50:05 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ0k-Kxg_3M8ecqJamorHsYVBil6wDvAJ5ek-oxxJ8mA6aCx49dih6_sw8XzGM99acB3QQaucdJUlPlMPW7lEKrwzWzQ_iOWtpxcy9aOx5_cY/pVwe0/x5_c1/6aC37 HTTP/1.1" 200 599
74.42.543.234 - - [19/Mar/2021:13:50:05 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ0k-Kxg_3M8ewQrhuy48qLQKrXKESSKQfKs68ZtwgKbM0jtTBc4HhlFmI5L7_oq59iS4R8GKxoxfkKyCOTO2PRnlKx6nPfHvX_60gjrfZJJlELIK9AEXlQyJGGBoyfQrw1aDfxN_kFNb/pVwe0/fZJ25/hlFb1 HTTP/1.1" 200 8369
74.42.543.234 - - [19/Mar/2021:13:50:05 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ0k-Kxg_3M8ecqJamorHsYVBil6wDvAJ5TP9ll9hzeDf-Icv-OXvF0mBl8NoZ3Cfn2ek8T-e693259fTXsh19hE2K7mfpCZCQTy2JQ4z7C2z/pVwe0/z7C45/fCSf5 HTTP/1.1" 200 545
74.42.543.234 - - [19/Mar/2021:13:50:05 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0V9dqbwUg7vKPk1-BnyUFrU_Z9bwuXmsJdoydn2o016T_UyLBC-_4QfagjY058eZf0daPJP6srWkzC-LW9M61uy_bVWJSsNdJ1yE7oveV9qzlNIyvLgrp5QMASrdrZdKWDsQYGabzABO/pVwe0/bzA78/qj0e6 HTTP/1.1" 200 1553
74.42.543.234 - - [19/Mar/2021:13:50:05 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ0k-Kxg_3M8ewQrhuy48qLQKrXKESSKQfKs68ZtwgKbM0jtTBc4HhlFmI5L7_oq59iS4R8GKxoxfG0h9fM5ffE6yl9qt31Bp0UOAtjMeSA-nwbaYUEJmiVydKFj_XbrfTX24l8NeQnQl4npZT4_Vcy8/pVwe0/I5L1f/_oqc0 HTTP/1.1" 200 1859477
74.42.543.234 - - [19/Mar/2021:13:50:06 +0000] "GET /myapplication/login?3-1.IBehaviorListener.0-tabs-panel&_=1616161805533 HTTP/1.1" 200 5976

Caddy via HTTP, site is loading correctly

172.23.0.2 - - [19/Mar/2021:13:59:52 +0000] "GET /myapplication HTTP/1.1" 302 -
172.23.0.2 - - [19/Mar/2021:13:59:56 +0000] "GET /myapplication/ HTTP/1.1" 302 -
172.23.0.2 - - [19/Mar/2021:13:59:56 +0000] "GET /myapplication/ HTTP/1.1" 302 -
172.23.0.2 - - [19/Mar/2021:13:59:58 +0000] "GET /myapplication/login HTTP/1.1" 302 -
172.23.0.2 - - [19/Mar/2021:13:59:58 +0000] "GET /myapplication/login?6 HTTP/1.1" 200 9447
172.23.0.2 - - [19/Mar/2021:13:59:58 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ19Wg9oh5rnIF9AEiYsJAwsyRYHXxpotnlmh06S5gGeYquhcTxJpw6q3txeCBAj4hrtwP8HpeMCpog67KNR5DN46Sz8lQh0whDHd3ZpBp8KDezX0onwVuI0/pVwe0/6JDff/j4hcd HTTP/1.1" 200 85513
172.23.0.2 - - [19/Mar/2021:13:59:58 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ9dHukYJzcOZxi-EgK9DMR8-vATAq4LqyptJuU5zgaPM6o5Frg7evLO2xAYmbVFhjgdXEFNYxck81-TYzFAaSb5D2b6kagV9_HSFRXo478wKucFQ3kKtcjFaPVIj8KIf_vVKT4R7ebf_/pVwe0/47834/K9D15 HTTP/1.1" 200 34149
172.23.0.2 - - [19/Mar/2021:13:59:58 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0V9dqbwUg7vKPk1-BnyUFrU_Z9bwuXmsJdoydn2o016T_UyLBC-_4QfagjY058eZf4uM7uNnwjJxWebwrJZ9vyHa61bFfsAhyf8m__gKVKq5Rwk3hc6edU1QNmmOTyI18q1SJjbFKs46Duw64VNoQYzbpv9DaPWTgA/pVwe0/Qfa3b/Ha67c/Webd3/uXm59 HTTP/1.1" 200 4072
172.23.0.2 - - [19/Mar/2021:13:59:59 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ9dHukYJzcOZxi-EgK9DMR8-vATAq4LqyptJuU5zgaPM6o5Frg7evLO2xAYmbVFhjgdXEFNYxck8KM1B8xGFmvq3PMDl5MNOGUtkuaZQ2hL5grJu5i5Dn5coprUDBzDnIa8h4RwkJyTDikOw_EVfG-A/pVwe0/xAYef/Utk5b HTTP/1.1" 200 517
172.23.0.2 - - [19/Mar/2021:13:59:59 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0V9dqbwUg7vKPk1-BnyUFrU_Z9bwuXmsJdoydn2o016T_UyLBC-_4QfagjY058eZf4uM7uNnwjJxWebwrJZ9vyFLFbEf7UwLaiGvEkRZI4T7m7cWE4iZ7D-ggDtfFKSX-a7S-ZpFkvPy6wo8Va1md6WjMYSmRdE4HQ/pVwe0/Qfa3b/FLF6f/CSq00/HQpc6 HTTP/1.1" 200 43539
172.23.0.2 - - [19/Mar/2021:13:59:59 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ9dHukYJzcOZxi-EgK9DMR8-vATAq4LqyptJuU5zgaPM6o5Frg7evLO2xAYmbVFhjgdXEFNYxck8rgW3Ni65KSJQv_9RcGVl6_pXzXqkY0F6zirxWJXKEUz5I8jVdTv8_sTNrBAjne0wmkZF2nG9-sY/pVwe0/xAYef/_pXd6 HTTP/1.1" 200 518
172.23.0.2 - - [19/Mar/2021:13:59:59 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ9dHukYJzcOZxi-EgK9DMR8-vATAq4LqyptJuU5zgaPM6o5Frg7evLO2xAYmbVFhjuMYm5wnJMwwoCp1EDj_jfzHvq0e3y7umluBLi9_MfqFNNNhT3i3nc36HSGUPQi1Yx4v0bQpmSxo/pVwe0/_Mf77/KSo06 HTTP/1.1" 200 8802
172.23.0.2 - - [19/Mar/2021:13:59:59 +0000] "GET /myapplication/bootstrap/css/bootstrap-tagsinput-ver-129A15FA2D0E25F7EAFC8EF226733718.css HTTP/1.1" 200 1336
172.23.0.2 - - [19/Mar/2021:13:59:59 +0000] "GET /myapplication/bootstrap/css/bootstrap-multiselect-ver-9155D983757155EC614713EADD9D18D7.css HTTP/1.1" 200 1454
172.23.0.2 - - [19/Mar/2021:13:59:59 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSouloN4Ew4Y9VL0jVpQuxuQWrHbvlBtWDASj-357nVrHXwzd8xenYL0cG9ipbTvVvzZ045GCxFGSJRO3mzGlwra30It6F7knp8c/pVwe0/knp1c/cG9b4 HTTP/1.1" 200 4117
172.23.0.2 - - [19/Mar/2021:13:59:59 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ1Lbtxr0EM_xqcJFe-AIFcqsJFnaxRLpGH_CspBVidHSq8xc3mF-Gty_4jsxtKkUyyhSXrjKM77MU6gtaZBnGaLtNWP_N5tVCOWDXeek42CKdsYY66hJ5Iw/pVwe0/6JDff/kUy8e HTTP/1.1" 200 2287
172.23.0.2 - - [19/Mar/2021:13:59:59 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0V9dqbwUg7vKPk1-BnyUFrU_Z9bwuXmsJdoydn2o016T_UyLBC-_4QfagjY058eZf0daPJP6srWkzC-LW9M61uy_bVWJSsNdJ1yE7oveV9qzlNIyvLgrp5QMASrdrZdKWDsQYGabzABO/pVwe0/bzA78/qj0e6 HTTP/1.1" 200 1553
172.23.0.2 - - [19/Mar/2021:13:59:59 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjYZ_OCV7DcvvJWDSGLpq5yUPXLW--XBd0oAdiHqFlMhXmYhK7EGOG_k9S_yWSrJ2IGshN3C1eDF8Cl1SzvWZhIkEV_2_QtJg6xV2Md_om3ybuaOsLR0EHv7boMtmEzJCjQ0IARjxJSuBlGMnOqYaQN857QxC7Th0ha/pVwe0/zJCc2/_OCb2 HTTP/1.1" 200 649
172.23.0.2 - - [19/Mar/2021:13:59:59 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ0k-Kxg_3M8ewQrhuy48qLQKrXKESSKQfKs68ZtwgKbM0jtTBc4HhlFmI5L7_oq59iS4R8GKxoxfkKyCOTO2PRnlKx6nPfHvX_60gjrfZJJlELIK9AEXlQyJGGBoyfQrw1aDfxN_kFNb/pVwe0/fZJ25/hlFb1 HTTP/1.1" 200 8369
172.23.0.2 - - [19/Mar/2021:13:59:59 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ0k-Kxg_3M8ecqJamorHsYVBil6wDvAJ5TP9ll9hzeDf-Icv-OXvF0mBl8NoZ3Cfn2ek8T-e693259fTXsh19hE2K7mfpCZCQTy2JQ4z7C2z/pVwe0/z7C45/fCSf5 HTTP/1.1" 200 545
172.23.0.2 - - [19/Mar/2021:13:59:59 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ0k-Kxg_3M8ecqJamorHsYVBil6wDvAJ5ek-oxxJ8mA6aCx49dih6_sw8XzGM99acB3QQaucdJUlPlMPW7lEKrwzWzQ_iOWtpxcy9aOx5_cY/pVwe0/x5_c1/6aC37 HTTP/1.1" 200 599
172.23.0.2 - - [19/Mar/2021:13:59:59 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ0k-Kxg_3M8ewQrhuy48qLQKrXKESSKQfKs68ZtwgKbM0jtTBc4HhlFmI5L7_oq59iS4R8GKxoxfG0h9fM5ffE6yl9qt31Bp0UOAtjMeSA-nwbaYUEJmiVydKFj_XbrfTX24l8NeQnQl4npZT4_Vcy8/pVwe0/I5L1f/_oqc0 HTTP/1.1" 200 1859477
172.23.0.2 - - [19/Mar/2021:13:59:59 +0000] "GET /myapplication/login?6-2.IBehaviorListener.0-tabs-panel&_=1616162398864 HTTP/1.1" 200 5977

Caddy via HTTPS, login form missing

172.23.0.2 - - [19/Mar/2021:13:44:35 +0000] "GET / HTTP/1.1" 404 682
172.23.0.2 - - [19/Mar/2021:13:44:39 +0000] "GET /myapplication HTTP/1.1" 302 -
172.23.0.2 - - [19/Mar/2021:13:44:41 +0000] "GET /myapplication/login?1 HTTP/1.1" 302 -
172.23.0.2 - - [19/Mar/2021:13:44:42 +0000] "GET /myapplication/ HTTP/1.1" 302 -
172.23.0.2 - - [19/Mar/2021:13:44:44 +0000] "GET /myapplication/login HTTP/1.1" 302 -
172.23.0.2 - - [19/Mar/2021:13:44:44 +0000] "GET /myapplication/login?1 HTTP/1.1" 200 9431
172.23.0.2 - - [19/Mar/2021:13:44:44 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0V9dqbwUg7vKPk1-BnyUFrU_Z9bwuXmsJdoydn2o016T_UyLBC-_4QfagjY058eZf0daPJP6srWkzC-LW9M61uy_bVWJSsNdJ1yE7oveV9qzlNIyvLgrp5QMASrdrZdKWDsQYGabzABO/pVwe0/bzA78/qj0e6 HTTP/1.1" 200 1553
172.23.0.2 - - [19/Mar/2021:13:44:44 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ9dHukYJzcOZxi-EgK9DMR8-vATAq4LqyptJuU5zgaPM6o5Frg7evLO2xAYmbVFhjgdXEFNYxck8KM1B8xGFmvq3PMDl5MNOGUtkuaZQ2hL5grJu5i5Dn5coprUDBzDnIa8h4RwkJyTDikOw_EVfG-A/pVwe0/xAYef/Utk5b HTTP/1.1" 200 517
172.23.0.2 - - [19/Mar/2021:13:44:44 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSouloN4Ew4Y9VL0jVpQuxuQWrHbvlBtWDASj-357nVrHXwzd8xenYL0cG9ipbTvVvzZ045GCxFGSJRO3mzGlwra30It6F7knp8c/pVwe0/knp1c/cG9b4 HTTP/1.1" 200 4117
172.23.0.2 - - [19/Mar/2021:13:44:44 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ0k-Kxg_3M8ecqJamorHsYVBil6wDvAJ5TP9ll9hzeDf-Icv-OXvF0mBl8NoZ3Cfn2ek8T-e693259fTXsh19hE2K7mfpCZCQTy2JQ4z7C2z/pVwe0/z7C45/fCSf5 HTTP/1.1" 200 545
172.23.0.2 - - [19/Mar/2021:13:44:44 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ0k-Kxg_3M8ewQrhuy48qLQKrXKESSKQfKs68ZtwgKbM0jtTBc4HhlFmI5L7_oq59iS4R8GKxoxfkKyCOTO2PRnlKx6nPfHvX_60gjrfZJJlELIK9AEXlQyJGGBoyfQrw1aDfxN_kFNb/pVwe0/fZJ25/hlFb1 HTTP/1.1" 200 8369
172.23.0.2 - - [19/Mar/2021:13:44:44 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ9dHukYJzcOZxi-EgK9DMR8-vATAq4LqyptJuU5zgaPM6o5Frg7evLO2xAYmbVFhjgdXEFNYxck8rgW3Ni65KSJQv_9RcGVl6_pXzXqkY0F6zirxWJXKEUz5I8jVdTv8_sTNrBAjne0wmkZF2nG9-sY/pVwe0/xAYef/_pXd6 HTTP/1.1" 200 518
172.23.0.2 - - [19/Mar/2021:13:44:44 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ1Lbtxr0EM_xqcJFe-AIFcqsJFnaxRLpGH_CspBVidHSq8xc3mF-Gty_4jsxtKkUyyhSXrjKM77MU6gtaZBnGaLtNWP_N5tVCOWDXeek42CKdsYY66hJ5Iw/pVwe0/6JDff/kUy8e HTTP/1.1" 200 2287
172.23.0.2 - - [19/Mar/2021:13:44:44 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0V9dqbwUg7vKPk1-BnyUFrU_Z9bwuXmsJdoydn2o016T_UyLBC-_4QfagjY058eZf4uM7uNnwjJxWebwrJZ9vyHa61bFfsAhyf8m__gKVKq5Rwk3hc6edU1QNmmOTyI18q1SJjbFKs46Duw64VNoQYzbpv9DaPWTgA/pVwe0/Qfa3b/Ha67c/Webd3/uXm59 HTTP/1.1" 200 4072
172.23.0.2 - - [19/Mar/2021:13:44:44 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ0k-Kxg_3M8ecqJamorHsYVBil6wDvAJ5ek-oxxJ8mA6aCx49dih6_sw8XzGM99acB3QQaucdJUlPlMPW7lEKrwzWzQ_iOWtpxcy9aOx5_cY/pVwe0/x5_c1/6aC37 HTTP/1.1" 200 599
172.23.0.2 - - [19/Mar/2021:13:44:44 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ9dHukYJzcOZxi-EgK9DMR8-vATAq4LqyptJuU5zgaPM6o5Frg7evLO2xAYmbVFhjuMYm5wnJMwwoCp1EDj_jfzHvq0e3y7umluBLi9_MfqFNNNhT3i3nc36HSGUPQi1Yx4v0bQpmSxo/pVwe0/_Mf77/KSo06 HTTP/1.1" 200 8802
172.23.0.2 - - [19/Mar/2021:13:44:44 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0V9dqbwUg7vKPk1-BnyUFrU_Z9bwuXmsJdoydn2o016T_UyLBC-_4QfagjY058eZf4uM7uNnwjJxWebwrJZ9vyFLFbEf7UwLaiGvEkRZI4T7m7cWE4iZ7D-ggDtfFKSX-a7S-ZpFkvPy6wo8Va1md6WjMYSmRdE4HQ/pVwe0/Qfa3b/FLF6f/CSq00/HQpc6 HTTP/1.1" 200 43539
172.23.0.2 - - [19/Mar/2021:13:44:44 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ19Wg9oh5rnIF9AEiYsJAwsyRYHXxpotnlmh06S5gGeYquhcTxJpw6q3txeCBAj4hrtwP8HpeMCpog67KNR5DN46Sz8lQh0whDHd3ZpBp8KDezX0onwVuI0/pVwe0/6JDff/j4hcd HTTP/1.1" 200 85513
172.23.0.2 - - [19/Mar/2021:13:44:44 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ9dHukYJzcOZxi-EgK9DMR8-vATAq4LqyptJuU5zgaPM6o5Frg7evLO2xAYmbVFhjgdXEFNYxck81-TYzFAaSb5D2b6kagV9_HSFRXo478wKucFQ3kKtcjFaPVIj8KIf_vVKT4R7ebf_/pVwe0/47834/K9D15 HTTP/1.1" 200 34149
172.23.0.2 - - [19/Mar/2021:13:44:44 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjYZ_OCV7DcvvJWDSGLpq5yUPXLW--XBd0oAdiHqFlMhXmYhK7EGOG_k9S_yWSrJ2IGshN3C1eDF8Cl1SzvWZhIkEV_2_QtJg6xV2Md_om3ybuaOsLR0EHv7boMtmEzJCjQ0IARjxJSuBlGMnOqYaQN857QxC7Th0ha/pVwe0/zJCc2/_OCb2 HTTP/1.1" 200 649
172.23.0.2 - - [19/Mar/2021:13:44:44 +0000] "GET /myapplication/login?1-1.IBehaviorListener.0-tabs-panel&_=1616161484438 HTTP/1.1" 400 821
172.23.0.2 - - [19/Mar/2021:13:44:44 +0000] "GET /myapplication/crypt.pVwwwafCSqj0UWr2z06p0SQRb4_hJhjY3_e6JDpKSos20AREeDGlZ0k-Kxg_3M8ewQrhuy48qLQKrXKESSKQfKs68ZtwgKbM0jtTBc4HhlFmI5L7_oq59iS4R8GKxoxfG0h9fM5ffE6yl9qt31Bp0UOAtjMeSA-nwbaYUEJmiVydKFj_XbrfTX24l8NeQnQl4npZT4_Vcy8/pVwe0/I5L1f/_oqc0 HTTP/1.1" 200 1859477

Origin does not correspond to request

Is Tomcat configured to accept requests from the domain Caddy is managing? This seems like a cross-site request forgery protection.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.