tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Donie Kelly <donie.ke...@tecnomen.ie>
Subject RE: Protecting a page with SSL
Date Wed, 12 Jun 2002 11:58:34 GMT
Thanks Adam

It sort of works now. I have a URL mapped as /info

I can access it as https://nysa/info and it works
If I use http://nysa/info I get HTTP 500 Internal Server Error

I want the request from http to re-direct to https. What am I doing wrong?
Thanks
Donie

Here is my web.xml

  <servlet>
      	<servlet-name>info</servlet-name>
      	<jsp-file>/onm/index.jsp</jsp-file>
  </servlet>

  <servlet-mapping>
      	<servlet-name>info</servlet-name>
      	<url-pattern>/info</url-pattern>
  </servlet-mapping>

  <security-constraint>
      <web-resource-collection>
          <web-resource-name>secure</web-resource-name>
          <url-pattern>/info</url-pattern>
      </web-resource-collection>

      <user-data-constraint>
          <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  	  </user-data-constraint>
  </security-constraint>

And here is part of my server.xml

  <Service name="Tomcat-Standalone">

    <!-- Define an SSL HTTP/1.1 Connector on port 443 -->
    <Connector className="org.apache.catalina.connector.http.HttpConnector"
			port="443" minProcessors="5" maxProcessors="75"
			enableLookups="true"
			acceptCount="10" debug="0" scheme="https"
secure="true">
		<Factory
className="org.apache.catalina.net.SSLServerSocketFactory"
			clientAuth="false" protocol="TLS"
			keystoreFile="c:\tomcat4.0\.keystore"
			keystorePass="changit"
	     />
    </Connector>

    <!-- Define a non-SSL HTTP/1.1 Connector on port 80 -->
    <Connector className="org.apache.catalina.connector.http.HttpConnector"
			port="80" minProcessors="5" maxProcessors="75"
			enableLookups="false"
			redirectPort="443" acceptCount="10" debug="0"
connectionTimeout="60000"
			allowChunking="false"/>

    <Engine name="Standalone" defaultHost="localhost" debug="0">
      <Logger className="org.apache.catalina.logger.FileLogger"
prefix="catalina_log." suffix=".txt" timestamp="true"/>
      <Realm className="org.apache.catalina.realm.MemoryRealm" />
	  <Host name="localhost" debug="0" appBase="webapps"
unpackWARs="false">

		<Context path=""
docBase="c:\mmsdev\dev\mms\webapps\mms"></Context>
	      <Context path="/images"
docBase="c:\mmsdev\dev\mms\webapps\mms\onm\images"></Context>
	      <Context path="/tp"
docBase="c:\mmsdev\dev\mms\webapps\tp"></Context>
        </Host>
    </Engine>
  </Service>


 -----Original Message-----
From: 	Sefton, Adam [mailto:Adam.Sefton@plc.cwplc.com] 
Sent:	12 June 2002 12:28
To:	'Tomcat Users List'
Subject:	RE: Protecting a page with SSL


Within your web.xml, inside the <security-constraint> tag, add:

<user-data-constraint>
         <transport-guarantee>
            CONFIDENTIAL
         </transport-guarantee>
</user-data-constraint>

This will force the connection for the application.

If you want to force the connection for all applications across the Tomcat
instance, then place this in the /conf/web.xml instead.

Hope this helps

Adam

-----Original Message-----
From: Donie Kelly [mailto:donie.kelly@tecnomen.ie]
Sent: 12 June 2002 12:21
To: 'Tomcat Users List'
Subject: Protecting a page with SSL


Hi all

I've setup SSL on tomcat but I can't find in the docs how to protect a .jsp
page or servlet mapping to force the connection over SSL

Please point me in the right direction.
Thanks
Donie

--
To unsubscribe, e-mail:
<mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail:
<mailto:tomcat-user-help@jakarta.apache.org>


**********************************************************************
This message may contain information which is confidential or privileged.
If you are not the intended recipient, please advise the sender immediately
by reply e-mail and delete this message and any attachments
without retaining a copy.  

**********************************************************************


--
To unsubscribe, e-mail:
<mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail:
<mailto:tomcat-user-help@jakarta.apache.org>

--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message