tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Filip Hanik - Dev Lists <devli...@hanik.com>
Subject Re: What is the right way to redirect http to https with tomcat 7 ?
Date Mon, 14 Mar 2011 23:29:23 GMT
On 3/14/2011 3:46 PM, János Löbb wrote:
> Hi,
>
> I set up ssl using the JAVA_HOME/bin/keytool on OSX 10.6.6 - JSSE type configuration
with a self-signed certificate.  Modified server.xml to include a connector:
>
>      <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true"
>                 maxThreads="150" scheme="https" secure="true"
> 		keystoreFile="/Users/administrator/.keystore" keystorePass="*****"
>                 clientAuth="false" sslProtocol="TLS" />
>
> anything else is the default, out of box.
>
> Where should I configure and how that when I hit
>
> http://localhost:8080
>
> it should redirect to
>
> https://localhost:8443

make sure your connector 8080 has redirectPort="8443" in it, then in <tomcat.home>/conf/web.xml
define a constraint, transport/confidential

<security-constraint>
<web-resource-collection>
<web-resource-name>Everything is https</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>

<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>



> ??
>
> That is I do not want it to be web app specific, I want to have this behavior by default.
  I am not using httpd or mod_jk at this time and do not want to use if I can avoid them.
>
> Should I also add SSLEngine="on" ??
>
>
> Thanks ahead,
>
> János
> P.S.  I looked the list from 2008 and see nothing in this regard.
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message