You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Rob Tanner <rt...@linfield.edu> on 2007/05/01 19:38:38 UTC
How do I force redirects from http: to https:
Hi,
This is the first time I've worked with Tomcat as a stand-alone server
(i.e., not in conjunction with Apache). My problem is that I want to
forcibly (but transparently) redirect all connections on port 80 to port
443 for SSL. My problem is that I only know how to do that in Apache.
I have a redirectPort="443" argument in the port 80 connector
description in server.xml, but that doesn't seem to be doing anything.
Here's the port 80 connector spec:
<Connector acceptCount="150"
connectionTimeout="15000" debug="0" disableUploadTimeout="true"
enableLookups="false" maxSpareThreads="75" maxThreads="150"
minSpareThreads="25" port="80"
redirectPort="443"/>
What's missing, or is that even where I need to specify the redirect?
Thanks,
Rob
--
Rob Tanner
UNIX Services Manager
Linfield College, McMinnville OR
Re: How do I force redirects from http: to https:
Posted by Rob Tanner <rt...@linfield.edu>.
Chuck,
Thanks! Redirects are now working.
-- Rob
Caldarale, Charles R said the following on 05/01/2007 10:44 AM:
>> From: Rob Tanner [mailto:rtanner@linfield.edu]
>> Subject: How do I force redirects from http: to https:
>>
>> I have a redirectPort="443" argument in the port 80 connector
>> description in server.xml, but that doesn't seem to be doing anything.
>>
>
> It won't until you specify a security constraint for the webapps (or
> portions thereof) that need to be protected. You need to become
> familiar with the servlet spec, especially section 12. You can find the
> spec here:
> http://jcp.org/aboutJava/communityprocess/mrel/jsr154/index.html
>
> - Chuck
>
>
> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
> MATERIAL and is thus for use only by the intended recipient. If you
> received this in error, please contact the sender and delete the e-mail
> and its attachments from all computers.
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
RE: How do I force redirects from http: to https:
Posted by "Caldarale, Charles R" <Ch...@unisys.com>.
> From: Rob Tanner [mailto:rtanner@linfield.edu]
> Subject: How do I force redirects from http: to https:
>
> I have a redirectPort="443" argument in the port 80 connector
> description in server.xml, but that doesn't seem to be doing anything.
It won't until you specify a security constraint for the webapps (or
portions thereof) that need to be protected. You need to become
familiar with the servlet spec, especially section 12. You can find the
spec here:
http://jcp.org/aboutJava/communityprocess/mrel/jsr154/index.html
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org