You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Bernhard Wraase <bw...@netkosmos.de> on 2001/07/26 11:41:45 UTC
howto redirect
In the docs it seems simple...
Even in the thread recently
But it don't work.
Each request works:
http://127.0.0.1:8080 ->http://127.0.0.1:8080/index.html
https://127.0.0.1:8443 ->https://127.0.0.1:8443/index.html
But I want this:
http://127.0.0.1:8080 ->https://127.0.0.1:8443/index.html
The server.xml looks like:
<Service name="Tomcat-Standalone">
<!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->
<Connector
className="org.apache.catalina.connector.http.HttpConnector"
port="8080" minProcessors="5" maxProcessors="75"
enableLookups="true" redirectPort="8443"
acceptCount="10" debug="0" connectionTimeout="60000"/>
<!-- Note : To disable connection timeouts, set connectionTimeout
value
to -1 -->
<!-- Define an SSL HTTP/1.1 Connector on port 8443 -->
<Connector
className="org.apache.catalina.connector.http.HttpConnector"
port="8443" minProcessors="5" maxProcessors="75"
enableLookups="true"
acceptCount="10" debug="0" scheme="https" secure="true">
<Factory
className="org.apache.catalina.net.SSLServerSocketFactory"
keystorePass="nordwest" clientAuth="false"
protocol="TLS"/>
</Connector>
--snip--
--snap--
</Service>
Any suggestions?
--
TIA Bernhard Wraase
Re: howto redirect
Posted by "Craig R. McClanahan" <cr...@apache.org>.
On Thu, 26 Jul 2001, Bernhard Wraase wrote:
> In the docs it seems simple...
> Even in the thread recently
>
> But it don't work.
> Each request works:
> http://127.0.0.1:8080 ->http://127.0.0.1:8080/index.html
> https://127.0.0.1:8443 ->https://127.0.0.1:8443/index.html
>
> But I want this:
> http://127.0.0.1:8080 ->https://127.0.0.1:8443/index.html
>
If you want Tomcat 4.0 to automatically do this redirect for you, then you
need to set up a security constraint inside the web.xml file of your ROOT
web app, and have that constraint require SSL. For example:
<web-app>
...
<security-constraint>
<web-resource-collection>
<web-resource-name>The Entire Web App</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
...
</web-app>
In this scenario, we do not have an <auth-constraint>, so we will never
challenge the user for a username or password. However, the transport
guarantee says that this entire webapp (i.e. all URIs that match "/*") can
only be accessed via SSL, so Tomcat will do an automatic redirect (to port
8443 in this case, because of your server.xml configuration below).
Craig McClanahan
> The server.xml looks like:
>
> <Service name="Tomcat-Standalone">
>
> <!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->
> <Connector
> className="org.apache.catalina.connector.http.HttpConnector"
> port="8080" minProcessors="5" maxProcessors="75"
> enableLookups="true" redirectPort="8443"
> acceptCount="10" debug="0" connectionTimeout="60000"/>
> <!-- Note : To disable connection timeouts, set connectionTimeout
> value
> to -1 -->
>
> <!-- Define an SSL HTTP/1.1 Connector on port 8443 -->
> <Connector
> className="org.apache.catalina.connector.http.HttpConnector"
> port="8443" minProcessors="5" maxProcessors="75"
> enableLookups="true"
> acceptCount="10" debug="0" scheme="https" secure="true">
> <Factory
> className="org.apache.catalina.net.SSLServerSocketFactory"
> keystorePass="nordwest" clientAuth="false"
> protocol="TLS"/>
> </Connector>
> --snip--
> --snap--
> </Service>
>
> Any suggestions?
> --
> TIA Bernhard Wraase
>
>
>
Re: howto redirect
Posted by Bernhard Wraase <bw...@netkosmos.de>.
Thank you for your response Rams,
> this is not possible..
but what does this mean?
1.) Redirect won't work at all
or
2) It should work because the server.xml seems to be okay
or
3) It can't work because the server.xml has severe failures
or
4) Something else
TIA Bernhard Wraase
RE: howto redirect
Posted by Rams <ra...@cmcltd.com>.
this is not possible..
Rams
-----Original Message-----
From: Bernhard Wraase [mailto:bw@netkosmos.de]
Sent: Thursday, July 26, 2001 3:12 PM
To: tomcat-user@jakarta.apache.org
Subject: howto redirect
In the docs it seems simple...
Even in the thread recently
But it don't work.
Each request works:
http://127.0.0.1:8080 ->http://127.0.0.1:8080/index.html
https://127.0.0.1:8443 ->https://127.0.0.1:8443/index.html
But I want this:
http://127.0.0.1:8080 ->https://127.0.0.1:8443/index.html
The server.xml looks like:
<Service name="Tomcat-Standalone">
<!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->
<Connector
className="org.apache.catalina.connector.http.HttpConnector"
port="8080" minProcessors="5" maxProcessors="75"
enableLookups="true" redirectPort="8443"
acceptCount="10" debug="0" connectionTimeout="60000"/>
<!-- Note : To disable connection timeouts, set connectionTimeout
value
to -1 -->
<!-- Define an SSL HTTP/1.1 Connector on port 8443 -->
<Connector
className="org.apache.catalina.connector.http.HttpConnector"
port="8443" minProcessors="5" maxProcessors="75"
enableLookups="true"
acceptCount="10" debug="0" scheme="https" secure="true">
<Factory
className="org.apache.catalina.net.SSLServerSocketFactory"
keystorePass="nordwest" clientAuth="false"
protocol="TLS"/>
</Connector>
--snip--
--snap--
</Service>
Any suggestions?
--
TIA Bernhard Wraase