You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Jay Wright <jw...@once.com> on 2002/12/02 19:03:55 UTC

Tomcat and SSL

I am trying to configure a tomcat (4.1.12 on solaris) webserver to redirect
a web app to a secure site.  I'm attempting to configure this through
web.xml, but I haven't found any valuable documentation.  

I have added: 

    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Some Name</web-resource-name>
            <url-pattern>/a/b/c/*</url-pattern>
        </web-resource-collection>
        <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>

to the web.xml file, though it is unclear to me how this works.  I have also
configured tomcat with a certificate and set up the SSL Connector as per
apache's documentation.  SSL works, but the problem is that I can reach any
of my web apps through either http or https.  

In my configuration above, the <web-resource-name> maps to nothing.  Is this
just a friendly name or should it map to a "resource" in my <servlet>
configuration? 

Thanks,

Jay

--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>