Richard,
> Am 20.07.2019 um 16:47 schrieb Richard Huntrods <huntr...@athabascau.ca>: > > OK. That was really weird. > > As I said in my message, following the directions on the web did NOT > work. It didn't force redirection from http to https. > > What it DID end up doing was to kill the tomcat servlet application. > Before the change it was working fine, and after the change it would > only generate a 404 page. > > I reverted to the original /conf/web.xml, restarted tomcat and the > servlet application is back up and running perfectly. > > So this code in /conf/web.xml affected the servlet but not the ROOT > static web pages. > > I'm thinking I need to make the change I noted, but in ROOT/web.xml > instead. I'll try that today. But it was weird that the change in > /conf/web.xml killed the servlet but didn't affect the ROOT static pages > at all. Especially weird since the servlet application ONLY runs on > port 443 (https). > Be careful where you put that element. If I remember correctly the order of the elements for web.xml is quite picky (at least it was when I added it a couple of years ago). In my app this goes right after welcome-file-list and before error-page. The error log should you show the reason why the app does not start or start incomplete. Peter > -R > > On 7/19/2019 7:18 PM, Richard Huntrods wrote: >> I tried implementing automatic redirection from HTTP to HTTPS on my >> tomcat today, but it's not working. >> >> First, my system: >> OS: Ubuntu 18.04.2 LTS (server) >> Tomcat: 9.0.22 (installed from tomcat distribution, not via apt get) >> Java: OpenJDK "11.0.3" 2019-04-16 >> Mysql: Ver 14.14 Distrib 5.7.26 >> >> This web application has it's own domain (let's call it "mydomain.com" >> ) and has working HTTPS - and has done for some time now. >> >> Static web pages are served on this application via tomcat using the >> ROOT directory ../tomcat/webapps/ROOT >> >> Again, this is working just fine. If I type "https://mydomain.com"; I >> see the secure static pages. If I type "http://mydomain.com"; I see the >> same pages, but browsers inform me the page isn't secure. >> >> I want to force tomcat to redirect "http://mydomain.com"; to >> "https://mydomain.com"; always. >> >> I found instructions for auto-redirection on several on-line sites, >> and all had the same instructions. >> >> I already have the redirect code in server.xml: >> >> <Connector port="80" protocol="HTTP/1.1" >> connectionTimeout="20000" >> redirectPort="443" /> >> >> So all I had to add (according to the instructions) was code at the >> end of ...tomcat/conf/web.xml >> >> <security-constraint> >> <web-resource-collection> >> <web-resource-name>Secured</web-resource-name> >> <url-pattern>/*</url-pattern> >> </web-recource-collection> >> <user-data-constraint> >> <transport-guarantee>CONFIDENTIAL</transport-guarantee> >> </user-data-constraint> >> </security-constraint> >> >> just before the final </web-app> >> >> I did this and restarted tomcat. It doesn't work. >> >> After restarting tomcat, if I type in "http://mydomain.com"; I still >> see the unsecured version. It does not auto-redirect to https. >> >> What am I missing? >> >> Thanks, >> -Richard > > --- > This email has been checked for viruses by Avast antivirus software. > https://www.avast.com/antivirus > > -- > This communication is intended for the use of the recipient to whom it is > addressed, and may contain confidential, personal, and or privileged > information. Please contact us immediately if you are not the intended > recipient of this communication, and do not copy, distribute, or take action > relying on it. Any communications received in error, or subsequent reply, > should be deleted or destroyed. > --- > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org >
smime.p7s
Description: S/MIME cryptographic signature
