Re: Forwarding with Tomcat Standalone

2003-09-23 Thread Adam Hardy 
Have you set up the security-constraint in your web.xml for those pages?

  security-constraint
web-resource-collection
  web-resource-nameLogin 4 Everything/web-resource-name
  !-- Define the context-relative URL(s) to be protected --
  url-pattern/private/*/url-pattern
/web-resource-collection
auth-constraint
  !-- Anyone with one of the listed roles may access this area --
  role-nameuser/role-name
  role-nameadmin/role-name
/auth-constraint
user-data-constraint
  descriptionSSL not required/description
  transport-guaranteeCONFIDENTIAL/transport-guarantee
/user-data-constraint
  /security-constraint
You will also probably need to set up a filter to redirect non-secure 
pages out of HTTPS. This is not automatic.

Adam

On 09/23/2003 03:28 AM Michael Futeran wrote:
I am trying to replace an Apache/Tomcat combination with Tomcat standalone.
I have everything else working, but I can not figure out how to get requests
for secure pages to be auto forwarded to https the way they are with Apache.
--
struts 1.1 + tomcat 4.1.27 + java 1.4.2
Linux 2.4.20 RH9
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: Forwarding with Tomcat Standalone

2003-09-23 Thread Shapira, Yoav 

Howdy,
A filter can be easily written for this purpose:

- Check request URL
- If request is for secure page, forward to different port (the one you
configure in server.xml to be an SSL connector) on same server with same
request path.
- Otherwise, pass request on...

Yoav Shapira
Millennium ChemInformatics


-Original Message-
From: Michael Futeran [mailto:[EMAIL PROTECTED]
Sent: Monday, September 22, 2003 9:28 PM
To: Tomcat Users List
Subject: Forwarding with Tomcat Standalone

I am trying to replace an Apache/Tomcat combination with Tomcat
standalone.
I have everything else working, but I can not figure out how to get
requests
for secure pages to be auto forwarded to https the way they are with
Apache.



This e-mail, including any attachments, is a confidential business communication, and 
may contain information that is confidential, proprietary and/or privileged.  This 
e-mail is intended only for the individual(s) to whom it is addressed, and may not be 
saved, copied, printed, disclosed or used by anyone else.  If you are not the(an) 
intended recipient, please immediately delete this e-mail from your computer system 
and notify the sender.  Thank you.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]