You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by Erik Weber <er...@mindspring.com> on 2005/04/19 15:56:56 UTC
[OT] how to reject non-HTTPS instead of redirect?
Sorry for the OT but I thought I'd try here since this should be simple
and I don't subscribe to tomcat-user.
Anyone know how to configure Tomcat (5.0) to simply reject a non-HTTPS
request when the transport guarantee is CONFIDENTIAL, rather than to
issue a redirect?
I can't find anything on this in the documentation. I tried removing the
redirectPort attribute from the Connector element, and it seemed to make
no difference. The doc says this:
|redirectPort|
If this *Connector* is supporting non-SSL requests, and a request is
received for which a matching |<security-constraint>| requires SSL
transport, Catalina will automatically redirect the request to the port
number specified here.
How do I turn off this automatic redirect? I would rather issue an error
response.
Thanks,
Erik
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org