Proxies and policies

This page shows how to configure a few central policies, depending on how TS is hosted.

Tomcat on port 80/443

When running Tomcat directly on port 80/443, the following policies should be set.

Policy                                    Value
applicationIsBehindAReverseProxy          false
applicationIsHiddenBehindAReverseProxy    false
applicationlPort                          80
applicationlPortSSL                       443
securitySslPages                          Depends on if SSL is enabled (recommended)
applicationServer                         A domain pointing at the server

This was the default setup up until 2025-Q2.
This illustration shows how the traffic is routed.

[DIAGRAM]

Behind a proxy (nginx)

When running Tomcat behind a reverse proxy (e.g. nginx), the following policies should be set.

Policy                                    Value
applicationIsBehindAReverseProxy          true
applicationIsHiddenBehindAReverseProxy    false
applicationlPort                          80
applicationlPortSSL                       443
securitySslPages                          Depends on if SSL is enabled (recommended)
applicationServer                         A domain pointing at the server

This is the default setup as of 2025-Q2.
It helps when running SSL/TLS and multiple/changing domains.
This illustration shows how the traffic is routed.

[DIAGRAM]

Hidden behind a proxy

When hiding the webapps hosted by Tomcat behind a reverse proxy (e.g. nginx), the following policies should be set.

Policy                                    Value
applicationIsBehindAReverseProxy          true
applicationIsHiddenBehindAReverseProxy    true
applicationlPort                          80
applicationlPortSSL                       443
securitySslPages                          Depends on if SSL is enabled (recommended)
applicationServer                         The domain pointing at the instance

This setup also requires that the context file for the given webapp is modified.
The following attributes have to be added to the Context opening tag.

 useRelativeRedirects="false" sessionCookiePath="/"

All of this is handled by the ts script.
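
A check for the two Context attributes listed above, as an added example that is not part of the ts script or of this page's original content. The function name check_context and the sample context contents are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Attributes this page requires on the <Context> opening tag for the
# "hidden behind a proxy" setup. Values are compared exactly as listed.
REQUIRED = {"useRelativeRedirects": "false", "sessionCookiePath": "/"}


def check_context(xml_text):
    """Return a list of problems found in a Tomcat context file (empty = OK)."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    if root.tag != "Context":
        return [f"root element is <{root.tag}>, expected <Context>"]
    problems = []
    for name, expected in REQUIRED.items():
        actual = root.get(name)
        if actual is None:
            problems.append(f'{name} is missing (expected "{expected}")')
        elif actual != expected:
            problems.append(f'{name} is "{actual}" (expected "{expected}")')
    return problems


# Constructed sample context files, not taken from a real installation.
GOOD = '<Context useRelativeRedirects="false" sessionCookiePath="/"></Context>'
BAD = '<Context useRelativeRedirects="true"><Resources/></Context>'

if __name__ == "__main__":
    for label, text in (("good", GOOD), ("bad", BAD)):
        problems = check_context(text)
        print(label, "OK" if not problems else problems)
```
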

This setup is used for shared hosting, where multiple domains point to the same server, so as not to expose other installations/customers.
This illustration shows how the traffic is routed.

[DIAGRAM]


Revision #2
Created 12 May 2026 07:34:25 by Theis Villumsen
Updated 12 May 2026 09:17:40 by Theis Villumsen