Terminating TLS in a load balancer or reverse proxy
By providing some parameters in the HTTP Tomcat connector, present in server.xml, you can make the server behave as if it uses HTTPS (e.g, set secure cookies etc.), even when the server itself has not been configured with HTTPS.
About this task
If HTTPS is enabled on the Spotfire Server, then this results in a number of behavior changes, including that HTTP session cookies are marked as secure.
However, it is also possible to configure a load balancer or reverse-proxy with HTTPS, and use plain HTTP between the load balancer and the Spotfire Server. In these cases, the Spotfire Server will not automatically know that the connection is secure (from the client's point of view) and it will need some additional steps to set the secure attribute on cookies.
Procedure
Example:
<Connector port="80"
maxHttpHeaderSize="65536"
connectionTimeout="30000"
enableLookups="false"
URIEncoding="UTF-8"
disableUploadTimeout="true"
server="TIBCO Spotfire Server"
compression="on"
compressibleMimeType="text/html,text/xml,text/plain,text/css,application/json,application/javascript,image/svg+xml,application/xml"
acceptorThreadCount="2"
keepAliveTimeout="30000"
maxKeepAliveRequests="-1"
maxThreads="2000"
scheme="https"
secure="true"
proxyPort="443"
proxyName="example.com"/>