Using rewite valve for example to rewite only some URL's to https does not work: RewriteCond %{REQUEST_URI} !^/some/exception/.*$ RewriteCond %{REQUEST_URI} ^/.*$ RewriteCond %{HTTPS} off RewriteRule ^/(.*)$ https://localhost:8443%{REQUEST_URI} because http://localhost:8443/ is rewritten to https%3A//localhost%3A8443/ The colon ":" is encoded to "%3A"
Using Java 1.8.0_31-b13 Tomcat is configured with http and https connector (org.apache.coyote.http11.Http11Nio2Protocol)
Unless you're using a redirect, this won't work. The mapper will only accept URLs relative to the server root, so fixing this does not make sense since this is not usable. Please use the user list for user questions instead.
Rules like this are working with Apache httpd mod_rewrite and are subject to many howtos regarding https redirection. For example https://www.sslshopper.com/apache-redirect-http-to-https.html Following this description https://tomcat.apache.org/tomcat-8.0-doc/rewrite.html "The rewrite.config file contains a list of directives which closely resemble the directives used by mod_rewrite, in particular the central RewriteRule and RewriteCond directives." So I would expect this to work.
The behavior corresponds to what is documented in the Tomcat documentation. However, it seems reading the mod_rewrite documentation that additional capabilities were added or officially documented to the RewriteRule directive. Tomcat's RewriteValve only supports the "-" and URL-path options for the substitution, while now mod_rewrite has external rewrite auto detect (useful, but all you need to do is manually add the "R" flag, so it's a very minor enhancement) and a file serving feature (that could be questionable for Servlet security). So this becomes a low priority enhancement that will either be implemented or the documentation be further clarified that unlike mod_rewrite it doesn't support file serving and/or auto external redirect. From the current mod_rewrite documentation: The Substitution of a rewrite rule is the string that replaces the original URL-path that was matched by Pattern. The Substitution may be a: file-system path Designates the location on the file-system of the resource to be delivered to the client. Substitutions are only treated as a file-system path when the rule is configured in server (virtualhost) context and the first component of the path in the substitution exists in the file-system URL-path A DocumentRoot-relative path to the resource to be served. Note that mod_rewrite tries to guess whether you have specified a file-system path or a URL-path by checking to see if the first segment of the path exists at the root of the file-system. For example, if you specify a Substitution string of /www/file.html, then this will be treated as a URL-path unless a directory named www exists at the root or your file-system (or, in the case of using rewrites in a .htaccess file, relative to your document root), in which case it will be treated as a file-system path. If you wish other URL-mapping directives (such as Alias) to be applied to the resulting URL-path, use the [PT] flag as described below. Absolute URL If an absolute URL is specified, mod_rewrite checks to see whether the hostname matches the current host. If it does, the scheme and hostname are stripped out and the resulting path is treated as a URL-path. Otherwise, an external redirect is performed for the given URL. To force an external redirect back to the current host, see the [R] flag below. - (dash) A dash indicates that no substitution should be performed (the existing path is passed through untouched). This is used when a flag (see below) needs to be applied without changing the path.
I have documented explicitly the difference with the current mod_rewrite in that area.