Setting the Server attributes to secure by modifying configuration files for each server

As an alternative to using the SpotfireRemoteIpValve to configure Spotfire Server with a load balancer or reverse-proxy, you can also make the server behave as if it uses HTTPS (e.g., set secure cookies etc.) by providing some parameters in the HTTP Tomcat connector, present in server.xml. Note, however, that this method requires changes on all servers in the cluster, whereas the filter configuration only needs to be done once.

About this task

To indicate that the connection should be seen as secure, even though the Spotfire Server uses HTTP, follow the instructions below.

Note: These steps must be performed on all servers in a cluster.

Procedure

Open the following file in an XML editor or a text editor: <server installation dir>/tomcat/conf/server.xml
Locate the information about the HTTP connector (at the top of the file).
Add the following attributes to the list:
scheme="https"

secure="true"

proxyPort="443" (or the port that your load balancer uses)

proxyName="example.com" (the host name of your load balancer)

The most important attribute here is secure – the other attributes are used only in some special cases (normally, the configured public address is used instead).
Save and close the file.
Restart the Spotfire Server.

Example:

<Connector port="80"
  protocol="org.apache.coyote.http11.Http11NioProtocol"
	maxHttpHeaderSize="65536"
	connectionTimeout="30000"
	enableLookups="false"
	URIEncoding="UTF-8"
	disableUploadTimeout="true"
	server="Spotfire Server"
	compression="on"
	compressibleMimeType="text/html,text/xml,text/plain,text/css,application/json,application/javascript,image/svg+xml,application/xml"
	keepAliveTimeout="30000"
	maxKeepAliveRequests="-1"
	maxThreads="2000"
	scheme="https"
	secure="true"
	proxyPort="443" 
	proxyName="example.com"/>