tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Øyvind Vestavik <Oyvind.Vesta...@idi.ntnu.no>
Subject Re: Any mod_webapp + <user-data-constraint> gotchas in 4.0?
Date Mon, 22 Apr 2002 09:25:29 GMT

I am way over my head here, but I once made a servlet whos methods should
only bee accessed over SSL. I Just made a secure port on 8443.
In my code I wrote

if (!request.isSecure)
   //make java.net.Url (using request.getHost() .getServletContext and so
     on (all though I didn't find a dynamic way to find the port of the
     server running SSL)
   redirect(myURL.toString())
Else
   //request is made over https. Proceed

Probably didn't answer your question, but..

Øyvind

Øyvind Vestavik
Øvre Møllenberggt 44b
7014 Trondheim
oyvindve@idi.ntnu.no
41422911

On Fri, 19 Apr 2002, Cavan Morris wrote:

> Hey guys,
> I'm getting ready to go live with my webapp and need to ensure confidentiality on my
credit card billing page.
>
> I'm running Tomcat 4.0.2 on Redhat 7.2 with apache 2.0.32 and mod_webapp 1.0.2.  I just
got my ssl certificate from verisign and set up apache to require ssl on port 443.  HTTPS
request to the site work great.
> I am trying to user the following security constraint in my web.xml to require ssl in
certain areas.
>
> <security-constraint>
>     <web-resource-collection>
>         <web-resource-name>SSL Area</web-resource-name>
>         <url-pattern>/user/*</url-pattern>
>     </web-resource-collection>
>     <user-data-constraint>
>         <transport-guarantee>CONFIDENTIAL</transport-guarantee>
>     </user-data-constraint>
> </security-constraint>
>
> I also set the redirect port on my warp connector like so in server.xml
> <Connector className="org.apache.catalina.connector.warp.WarpConnector"
>      port="8008" minProcessors="5" maxProcessors="75"
>      enableLookups="false" redirectPort="443"
>      acceptCount="10" debug="0"/>
>
> The result...  Absolutely Nothing.
> The changes have no discernable effect, /user/* is not redirected.
>
> It may be important to note that I also have a standalone HTTP connector running that
does is set to redirect to port 8443 but the site is being accessed through the warp connector.
>
> What am I missing here??  Any thoughts on this would be very helpful.
> -Cavan Morris
>
>
> --
> To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
> Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>
>


--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


Mime
View raw message