I've set up Tomcat to run on http (8080) and https (8443).
The certificate is installed on the Tomcat server for SSL.
This seems to be working OK.

Next I set up Apache with mod_jk to front Tomcat.
Apache doesn't know about the SSL certificate.
Incoming requests on port 80 get routed to 8080.-

So, the browser displays a URL like mycompany.com
which is actually the Tomcat hosted mycompany.com:8080

But the application running on Tomcat has a login page.
I'd like the login page to always be displayed with https and after entering the login credentials be redirected back to the rest of the pages in the app in http, hiding the 8080 port of Tomcat.
Ideally the login page should not display the Tomcat port 8443.

How can I configure this behavior? If I redirect the login page to 8443, I'm not sure how to get back to http after logging in. And I'm not sure how best to redirect to the login page.