tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: about Connector's attribute redirectPort
Date Fri, 12 Sep 2008 17:28:48 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

李征,

李征 wrote:
> If this Connector is supporting non-SSL requests, and a request is
> received for which a matching <security-constraint> requires SSL
> transport, Catalina will automatically redirect the request to the
> port number specified here. The default value is 443.
> 
> but i still don't understand what redirectPort is used for.

When you are using HTTP (non-secure) and your security settings for a
resource (set using <transport-guarantee> in the <security-constraint>
sections of web.xml) call for a CONFIDENTIAL or INTEGRAL transport, HTTP
is not considered acceptable. In this case, Tomcat will issue a redirect
to the client (web browser) indicating that HTTPS should be used.
Sometimes, the port number you want to use is not 443 (the default). If
you want to override this default, you can use the redirectPort
attribute to set that port.

For instance, if you are running a standard web server configuration,
you'll want to set redirectPort="443" (or leave it out entirely, as this
is the default). If, instead, your HTTPS server is listening on port
12345, then you'll want redireftPort="12345".

If you don't use HTTPS, then you can safely ignore this setting.

Honestly, this attribute could have a better name (perhaps,
secureRedirectPort or something like that).

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkjKptAACgkQ9CaO5/Lv0PCdlACfQknLbNm8YRmaj5+fgNKvYjKd
074An28V+Iv8JnBIBpgLFR/uatDGcbC0
=ygE4
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message