tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rutledge, Aaron" <ARutle...@5prime.com>
Subject RE: forcing SSL
Date Thu, 23 May 2002 19:16:04 GMT
THANK YOU!
 


-----Original Message-----
From: Ingo Bruell [mailto:ibruell@gmx.de]
Sent: Thursday, May 23, 2002 1:03 PM
To: Tomcat Users List
Subject: Re: forcing SSL


Hi,

RA> I'm trying to clear one last hurdle on this whole SSL thing.  How
RA> exactly do I force a certain page to require https protocol?  The
How-To
RA> on SSL (which I have just about memorized at this point) states... 

RA> "Any pages which absolutely require a secure connection should check
the
RA> protocol type associated with the page request and take the
appropriate
RA> action of https is not specified."

RA> Can this be done in the web.xml file or is this done within each JSP
or
RA> Servlet?  Is it possible to seamlessly redirect a user who requests
a
RA> page through http to be switched to https without altering the
source
RA> code of each page?  I've scanned every e-mail on SSL on this list
since
RA> November and I've seen many similar requests, but nobody has ever
RA> answered it.  Weird.  If somebody could point me in the right
direction
RA> I would be very grateful.  Regards!  Aaron

Yes, put the following into the web-xml security-constraint part and
tomcat redirects automaticly to ssl if the resource was requested.

      <user-data-constraint>
         <transport-guarantee>
            CONFIDENTIAL
         </transport-guarantee>
      </user-data-constraint>

it is necessary that ssl is correctly set up in server.xml. Have a
look at the HOW-To on the tomcat homepage

so long


Ingo Bruell

---
<ibruell@gmx.de>
<Ingo.Bruell@epost.de>
<ICQ# 40377720>
Oldenburg    PGP-Fingerprint: CB01 AE12 B359 87C4 BF1C  953C 8FE7 C648
169E E5FC
Germany      PGP-Public-Key available at pgpkeys.mit.edu



--
To unsubscribe, e-mail:
<mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail:
<mailto:tomcat-user-help@jakarta.apache.org>


--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message