tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Anton Brazhnyk <a.brazh...@biconsulting.ws>
Subject RE: apache + mod_SSL + tomcat
Date Wed, 06 Feb 2002 16:05:09 GMT
Hi,

> -----Original Message-----
> From: Cressatti, Dominique [mailto:Dominique.Cressatti@lansa.co.uk]
> Sent: Wednesday, February 06, 2002 4:00 PM
> To: Tomcat Users List
> Subject: RE: apache + mod_SSL + tomcat
> 
> 
> Anton Brazhnyk answered it.
> I followed his advice.
> I basically commented out the "HttpConnector" running on port 8080
> and that was it.
> >From that point I can't an http connection on port 8080
> but I can still access my app on port 80 (normal http)
> and port 443 (https).
> 

So, do you want SSL-only for entire web application?
append something like following to your web.xml

  <security-constraint>

    <web-resource-collection>
      <web-resource-name>Entire application</web-resource-name>
      <url-pattern>/*</url-pattern>
      <http-method>GET</http-method>
    </web-resource-collection>

    <user-data-constraint>
      <description>User data constraint description</description>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>

  </security-constraint>


> One point that was made by somebody else what
> about the connection between apache and tomcat?
> Either mod_jk on port 8009 (or 8007) or mod_webapp
> on port 8008. As far as I know those connectors are
> not ssl enabled. 
> 

These tasks are for your firewall :)

> Dom
> 

Anton

--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


Mime
View raw message