tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <Robert.Jen...@surecomp.com>
Subject RE: ssl application
Date Tue, 01 Feb 2011 18:43:04 GMT
Thad,

Worked like a charm... thanks..

Sincerely,

Robert Jenkin
Surecomp Services, Inc.
2 Hudson Place, 4th Floor
Hoboken, NJ 07030
Skype: robert.jenkin
Office: 201 217 1437 | Direct: 201 716 1219 | Mobile: 908 251 0537
http://www.Surecomp.com

-----Original Message-----
From: Thad Humphries [mailto:thad.humphries@gmail.com] 
Sent: Tuesday, February 01, 2011 1:38 PM
To: Tomcat Users List
Subject: Re: ssl application

While doing some SSL research last week, I stumbled on this:
https://confluence.sakaiproject.org/display/DOC/Sakai+Admin+Guide+-+Advanced+Tomcat++%28and+Apache%29+Configuration

If you wish to secure the entire tomcat installation (which can be done
regardless of how you provide SSL), add the following to
TOMCAT_HOME/conf/web.xml inside the web-app tags:

<!-- redirect all traffic to the SSL port -->
<security-constraint>
  <web-resource-collection>
    <web-resource-name>Automatic SLL Forwarding</web-resource-name>
    <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
</security-constraint>

It worked for me (Linux, Tomcat 6.0.30, JRE 1.5.0_22).

On Tue, Feb 1, 2011 at 1:31 PM, <Robert.Jenkin@surecomp.com> wrote:

> Hello all...
>
> I have configured ssl on tomcat 7 and I am able to access my application
> via ssl and non-ssl. What I am trying to figure out is how to configure
> tomcat so that my application is only available via ssl. Is there a way to
> do this? I have read the tomcat 7 document on ssl, but, did not take note of
> anything indicating how to do this.
>
> Thanks
>
> Bob Jenkin
>
> This mail was sent via Mail-SeCure System.
>
>
>


-- 
"Hell hath no limits, nor is circumscrib'd In one self-place; but where we
are is hell, And where hell is, there must we ever be" --Christopher
Marlowe, *Doctor Faustus* (v, 121-24)

This mail was sent via Mail-SeCure System.
Mime
View raw message