I am having a bit of trouble finding out the specifics of the way the redirectPort attribute of a Connector functions, particularly in relation to using Tomcat with Apache. The test environment I have been given to learn from has an Apache virtual host defined that uses SSL. It has a JkMount directive that refers to a worker connected to port 8009. The Connector in Tomcat that listens to port 8009 doesn't have 'secure' set to true, and has 'redirectPort' set to 8443.

If there is no <security-constraint> setup in web.xml, does this mean that the request will be processed without redirecting? Does this mean SSL between the client and Apache and no SSL between Apache and Tomcat?

If the web.xml did require SSL, does this mean that the redirectPort would be used? If so, does that normally mean it should be picked up at the Apache end on 8443 or that I must have another Tomcat Connector defined as port 8443 with secure=true to the request can be directed straight back into Tomcat without going through Apache again?

Sorry if this all seems a bit vague, I've looked a fair bit and I am struggling to find any documentation that spells this process out in a way that helps me understand what is really going on here.

Any information that sheds any light on this would be greatly appreciated!

Stuart