Re: What is the right way to redirect http to https with tomcat 7 ?

Tue, 15 Mar 2011 14:00:52 -0700 

Filip,

Works like charm.

Thanks a lot,

János

On Mar 14, 2011, at 7:29 PM, Filip Hanik - Dev Lists wrote:

> On 3/14/2011 3:46 PM, János Löbb wrote:
>> Hi,
>> 
>> I set up ssl using the JAVA_HOME/bin/keytool on OSX 10.6.6 - JSSE type 
>> configuration with a self-signed certificate.  Modified server.xml to 
>> include a connector:
>> 
>>     <Connector port="8443" 
>> protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true"
>>                maxThreads="150" scheme="https" secure="true"
>>              keystoreFile="/Users/administrator/.keystore" 
>> keystorePass="*****"
>>                clientAuth="false" sslProtocol="TLS" />
>> 
>> anything else is the default, out of box.
>> 
>> Where should I configure and how that when I hit
>> 
>> http://localhost:8080
>> 
>> it should redirect to
>> 
>> https://localhost:8443
> 
> make sure your connector 8080 has redirectPort="8443" in it, then in 
> <tomcat.home>/conf/web.xml define a constraint, transport/confidential
> 
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>Everything is https</web-resource-name>
> <url-pattern>/*</url-pattern>
> </web-resource-collection>
> 
> <user-data-constraint>
> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
> </user-data-constraint>
> </security-constraint>
> 
> 
> 
>> ??
>> 
>> That is I do not want it to be web app specific, I want to have this 
>> behavior by default.   I am not using httpd or mod_jk at this time and do 
>> not want to use if I can avoid them.
>> 
>> Should I also add SSLEngine="on" ??
>> 
>> 
>> Thanks ahead,
>> 
>> János
>> P.S.  I looked the list from 2008 and see nothing in this regard.
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: users-h...@tomcat.apache.org
>> 
>> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to