tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From christianhau <christian...@gmail.com>
Subject Re: How to remove port number from https adress and redirect http to https
Date Fri, 06 Jul 2007 10:40:50 GMT

Thanks man!

I have tried a similar approach with the web.xml but no luck. This is what I
wrote in web.xml
<security-constraint>
                <web-resource-collection>
                        <web-resource-name>Entire
Application</web-resource-name>
                       
<url-pattern>/cas/WEB-INF/view/jsp/simple/ui</url-pattern>
                </web-resource-collection>
                <user-data-constraint>
                       
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
                </user-data-constraint>
        </security-constraint>

Now I am not 100% sure if the pattern is correct, how would I check that?
And another thing, you mentioned a suitable servlet filter? How would you go
about making a servlet filter for this purpose and where would you put it?
As you can tell from my question I have little experience with servlet
filters..

Thanks again :)




Lyallex wrote:
> 
> Hi
> 
> This is my first contribution to this list and I expect others will have
> better ways of doing it but ...
> 
> The way I managed to get his working is to set the ssl connector port to
> the
> default ssl port (443)
> and my non-ssl connector port to the default http port (80)
> Obviously there are issues starting Tomcat on these ports on *NIX systems
> but judging by the following
> entry in your ssl connector (keystoreFile="/root/.keystore") you appear to
> have access to root.
> 
> That should do it
> 
> Also in my etc/hosts file I have set 127.0.0.1   www.mywebapp.co.uk and my
> app is the root web app
> 
> so now, combined with the following in web.xml
> 
> <security-constraint>
> ...
>      <user-data-constraint>
>         <transport-guarantee>CONFIDENTIAL</transport-guarantee>
>     </user-data-constraint>
> ...
> </security-constraint>
> 
> and a suitable servlet filter I can switch between http and https almost
> at
> will with no messing about with ports just by asking for
> http://www.mywebapp.co.uk
> 
> Hope this helps
> 
> Cheers
> Duncan
> 
> 
> On 7/6/07, christianhau <christianhau@gmail.com> wrote:
>>
>>
>> Hi!
>>
>> I have set up a tomcat server with ssl that works fine as long as I go to
>> the adress https://adress:8443 I want to get rid of the port number, is
>> there any easy way to do this so that tomcat understands the https
>> request
>> that comes in?
>>
>> <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
>> maxThreads="150" scheme="https" secure="true"
>> clientAuth="false" keystorePass="changeit" sslProtocol="TLS"
>> keystoreFile="/root/.keystore"
>> truststoreFile="/usr/lib/jvm/java-1.5.0-sun/jre/lib/security/cacerts" />
>>
>> This is my ssl connector in my server.xml. I tried getting a redirct from
>> http to https going but couldn't do that in tomcat alone, any tips on
>> that
>> aswell? I have done this:
>>
>> <Connector port="8080" protocol="HTTP/1.1"
>>
>> redirectPort="8443" />
>>
>> With no luck... Thanks for any help!!
>> --
>> View this message in context:
>> http://www.nabble.com/How-to-remove-port-number-from-https-adress-and-redirect-http-to-https-tf4034030.html#a11459871
>> Sent from the Tomcat - User mailing list archive at Nabble.com.
>>
>>
>> ---------------------------------------------------------------------
>> To start a new topic, e-mail: users@tomcat.apache.org
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
> 
> 

-- 
View this message in context: http://www.nabble.com/How-to-remove-port-number-from-https-adress-and-redirect-http-to-https-tf4034030.html#a11462081
Sent from the Tomcat - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message