tomcat-users mailing list archives

From Anand HS <anan...@gmail.com>
Subject Re: A question about excluding URL patterns from filters
Date Fri, 06 Feb 2009 07:24:42 GMT
I think I was making a mistake in the url-pattern. Giving the correct URL
pattern did the trick.
Thanks for the tip on transport-guarantee, Chuck.

Thanks,
Anand

On Fri, Feb 6, 2009 at 12:11 PM, Anand HS <anandhs@gmail.com> wrote:

> Hi, thanks for the info about the transport-guarantee.
> I did try to use it. Here is the config to exclude xsl files and allow all
> others through to HTTPS.
>
> <security-constraint>
>   <web-resource-collection>
>     <web-resource-name>Notify page, accessed internally by application</web-resource-name>
>     <url-pattern>*.xsl</url-pattern>
>   </web-resource-collection>
>   <user-data-constraint>
>     <transport-guarantee>NONE</transport-guarantee>
>   </user-data-constraint>
> </security-constraint>
>
> <!-- Force SSL for entire site -->
> <security-constraint>
>   <web-resource-collection>
>     <web-resource-name>Entire Site</web-resource-name>
>     <url-pattern>/*</url-pattern>
>   </web-resource-collection>
>   <user-data-constraint>
>     <transport-guarantee>CONFIDENTIAL</transport-guarantee>
>   </user-data-constraint>
> </security-constraint>
>
> I would expect with this configuration that when I try to load any xsl
> through http on my browser, no redirection to https happens. But it doesn't
> seem to be happening. Is my configuration missing something?
>
> BTW, I use Tomcat 6.0.18.
>
> Thanks,
> Anand
>
>
> On Fri, Feb 6, 2009 at 11:31 AM, Caldarale, Charles R <
> Chuck.Caldarale@unisys.com> wrote:
>
>> > From: Anand HS [mailto:anandhs@gmail.com]
>> > Subject: A question about excluding URL patterns from filters
>> >
>> > I have a filter that takes all requests that try to hit http and
>> > redirects them through https.
>>
>> Why are you using a filter?  Why not the <transport-guarantee> mechanism
>> defined in the servlet spec?
>>
>>  - Chuck
>
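Added example, not part of the thread: a small checker that applies the servlet spec's best-match order for security constraints (exact match, then longest path prefix, then extension, then default) to the two patterns quoted above. Under that order `/*` is a path-prefix pattern and outranks `*.xsl`. The thread does not show the corrected pattern, so `/xsl/*` and the sample file names are hypothetical, and http-method elements are assumed absent.

```python
import xml.etree.ElementTree as ET

def constraint(pattern, guarantee):
    # Builds one <security-constraint> in the shape quoted in the thread.
    return ("<security-constraint><web-resource-collection>"
            f"<url-pattern>{pattern}</url-pattern></web-resource-collection>"
            f"<user-data-constraint><transport-guarantee>{guarantee}"
            "</transport-guarantee></user-data-constraint></security-constraint>")

# Constructed inputs: the thread's two patterns, and a hypothetical path-based variant.
THREAD_XML = "<web-app>" + constraint("*.xsl", "NONE") + constraint("/*", "CONFIDENTIAL") + "</web-app>"
VARIANT_XML = "<web-app>" + constraint("/xsl/*", "NONE") + constraint("/*", "CONFIDENTIAL") + "</web-app>"

def local(el):
    return el.tag.rsplit("}", 1)[-1]  # drop an XML namespace if web.xml declares one

def load_constraints(xml_text):
    """Return [(url-pattern, transport-guarantee)]; a constraint with no guarantee counts as NONE."""
    pairs = []
    for sc in ET.fromstring(xml_text).iter():
        if local(sc) != "security-constraint":
            continue
        tg = [e.text.strip() for e in sc.iter() if local(e) == "transport-guarantee"]
        for e in sc.iter():
            if local(e) == "url-pattern":
                pairs.append((e.text.strip(), tg[0] if tg else "NONE"))
    return pairs

def rank(pattern, path):
    """Match class per the servlet spec, higher wins; None when the pattern does not match."""
    if pattern == path:
        return (3, 0)                                   # exact match
    if pattern.endswith("/*") and (path + "/").startswith(pattern[:-1]):
        return (2, len(pattern))                        # path prefix, longest wins
    if pattern.startswith("*.") and path.rsplit("/", 1)[-1].endswith(pattern[1:]):
        return (1, 0)                                   # extension
    return (0, 0) if pattern == "/" else None           # default mapping

def effective_guarantee(xml_text, path):
    """Transport guarantee of the best-matching pattern for a context-relative path."""
    ranked = [(rank(p, path), tg) for p, tg in load_constraints(xml_text)]
    ranked = [(r, tg) for r, tg in ranked if r is not None]
    if not ranked:
        return "NONE"                                   # no constraint applies
    best = max(r for r, _ in ranked)
    winners = {tg for r, tg in ranked if r == best}
    # Constraints sharing the winning pattern are combined: accepted connection types are unioned.
    return "NONE" if "NONE" in winners else sorted(winners)[0]
```

Running `effective_guarantee` over every path that must stay reachable over plain http, and over a few that must not, shows before deployment which constraint actually governs each request.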
