about Connector's attribute redirectPort

[李征 <us...@yahoo.com.cn>]

at tomcat official site, 

http://tomcat.apache.org/tomcat-4.1-doc/config/coyote.html
redirectPort is described as below

If this Connector is supporting non-SSL requests, and a request is received for which a matching <security-constraint> requires SSL transport, Catalina will automatically redirect the request to the port number specified here. The default value is 443.


but i still don't understand what redirectPort is used for.

and actually, tomcat doesn't listen on the port specified by redirectPort,
so how does the redirect work?



      ___________________________________________________________ 
 雅虎邮箱，您的终生邮箱！ 
http://cn.mail.yahoo.com/

Re: about Connector's attribute redirectPort

[Mark Thomas <ma...@apache.org>]

李征 wrote:
> at tomcat official site, 
> 
> http://tomcat.apache.org/tomcat-4.1-doc/config/coyote.html
> redirectPort is described as below
> 
> If this Connector is supporting non-SSL requests, and a request is received for which a matching <security-constraint> requires SSL transport, Catalina will automatically redirect the request to the port number specified here. The default value is 443.
> 
> 
> but i still don't understand what redirectPort is used for.
Which part of the description don't you understand?

> and actually, tomcat doesn't listen on the port specified by redirectPort,
> so how does the redirect work?
If Tomcat isn't listening on that port with a secure connector it won't work.

Mark



---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: about Connector's attribute redirectPort

[Christopher Schultz <ch...@christopherschultz.net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

李征,

李征 wrote:
> If this Connector is supporting non-SSL requests, and a request is
> received for which a matching <security-constraint> requires SSL
> transport, Catalina will automatically redirect the request to the
> port number specified here. The default value is 443.
> 
> but i still don't understand what redirectPort is used for.

When you are using HTTP (non-secure) and your security settings for a
resource (set using <transport-guarantee> in the <security-constraint>
sections of web.xml) call for a CONFIDENTIAL or INTEGRAL transport, HTTP
is not considered acceptable. In this case, Tomcat will issue a redirect
to the client (web browser) indicating that HTTPS should be used.
Sometimes, the port number you want to use is not 443 (the default). If
you want to override this default, you can use the redirectPort
attribute to set that port.

For instance, if you are running a standard web server configuration,
you'll want to set redirectPort="443" (or leave it out entirely, as this
is the default). If, instead, your HTTPS server is listening on port
12345, then you'll want redireftPort="12345".

If you don't use HTTPS, then you can safely ignore this setting.

Honestly, this attribute could have a better name (perhaps,
secureRedirectPort or something like that).

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkjKptAACgkQ9CaO5/Lv0PCdlACfQknLbNm8YRmaj5+fgNKvYjKd
074An28V+Iv8JnBIBpgLFR/uatDGcbC0
=ygE4
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org