tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stephen Bacon <sba...@aod.cx>
Subject How to prevent non-ssl access to an app?
Date Mon, 05 Nov 2001 21:35:42 GMT
Hello,
   I have just installed RedHat Linux 7.1 with Apache (v 1.3.19 r5) and 
Tomcat (v 3.2.3 r1)
I have enabled SSL and installed certificates and it's all working fine.
However!
my jsp app can be reached via both http://blah_blah_blah and 
https://blah_blah_blah (i.e. encrypted and non-encrypted)
I would like to restrict it to only being served via SSL.
I cannot figure out how to do this, so any guidance would be appreciated.
thanks,
   -Steve Bacon

the only change I've made to my server.xml is the addition of (at the 
bottom of the <ContextManager> section):

         <Context path="/stbapp"
                  docBase="webapps/stbapp"
                  debug="0"
                  reloadable="true" >
         </Context>



my web.xml is similarly basic:

<?xml version="1.0" encoding="ISO-8859-1"?>

<!DOCTYPE web-app
     PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN"
     "http://java.sun.com/j2ee/dtds/web-app_2.2.dtd">

<web-app>
   <display-name>stbapp</display-name>
   <description>
     stbapp
   </description>
</web-app>


--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


Mime
View raw message