tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dave <javao...@yahoo.com>
Subject Re: how to auto redirect to https from http
Date Thu, 07 Feb 2008 15:02:19 GMT
Hi Hazem,
  Thanks,
   
  I tried the method, it worked.
  But  when I tried to protect login page only,
   
  <web-resource-collection>
                        <web-resource-name>protected pages</web-resource-name>
                        <url-pattern>/login.jsp</url-pattern>
 </web-resource-collection>

  restarted tomcat, and went to http://www.mydomain.com
   
  it was redirected to secure URL. It should stay insecure until going to login page.
   
  anything I was missing?
   
  Thanks
  Dave

Hazem DAOUD <hazem.daoud@alcatel-lucent.fr> wrote:
  Hi Dave,

Try to add this to web.xml under tomcat_install_dir/conf:
"
/

Protected Context
/*



CONFIDENTIAL

/
"

That works for me.

Regards.

--Hazem.

Dave a écrit :
> Hi,
> when user types http://www.mydomain.com, how to redirect to secure url https://www.mydomain.com?
I know that a servlet filter can do that. Is there an easier way?
> 
> In server.xml, redirectPort="8443" for port 80, it did not work as I expected.
> 
> > maxThreads="250" strategy="ms" maxHttpHeaderSize="8192"
> emptySessionPath="true"
> enableLookups="false" redirectPort="8443" acceptCount="100"
> connectionTimeout="20000" disableUploadTimeout="true"/>
> 
> > maxThreads="100" strategy="ms" maxHttpHeaderSize="8192"
> emptySessionPath="true"
> scheme="https" secure="true" clientAuth="false"
> keystoreFile="${jboss.server.home.dir}/keystore"
> keystorePass="123456" sslProtocol = "TLS" />
>
> Thanks for help.
> 
> Dave
>
> 
> ---------------------------------
> Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now.
> 



       
---------------------------------
Looking for last minute shopping deals?  Find them fast with Yahoo! Search.
Mime
  • Unnamed multipart/alternative (inline, 8-Bit, 0 bytes)
View raw message