Re: howto redirect
On Thu, 26 Jul 2001 [EMAIL PROTECTED] wrote: > > I asked this on another thread of discussion but never got an answer. Is > this automatic redirection to SSL new for Tomcat 4.0? I'm using 3.2.3 and > when I set this user-data-constraint it appears that Tomcat verifies access > via SSL but does not redirect if it is not. From your response below I > assume this is 4.0 only. > Thanks, > Dave > Yes it's new in Tomcat 4.0. So is the explicit spec requirement that a container act in this way, in Servlet 2.3 PFD3, section 12.8, p. 92). The servlet 2.2 spec was silent on this point, although some containers behave that way. Craig
Re: howto redirect
I asked this on another thread of discussion but never got an answer. Is this automatic redirection to SSL new for Tomcat 4.0? I'm using 3.2.3 and when I set this user-data-constraint it appears that Tomcat verifies access via SSL but does not redirect if it is not. From your response below I assume this is 4.0 only. Thanks, Dave "Craig R. McClanahan" <[EMAIL PROTECTED]> on 07/26/2001 12:01:51 PM Please respond to [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: Re: howto redirect On Thu, 26 Jul 2001, Bernhard Wraase wrote: > In the docs it seems simple... > Even in the thread recently > > But it don't work. > Each request works: > http://127.0.0.1:8080 ->http://127.0.0.1:8080/index.html > https://127.0.0.1:8443 ->https://127.0.0.1:8443/index.html > > But I want this: > http://127.0.0.1:8080 ->https://127.0.0.1:8443/index.html > If you want Tomcat 4.0 to automatically do this redirect for you, then you need to set up a security constraint inside the web.xml file of your ROOT web app, and have that constraint require SSL. For example: ... The Entire Web App /* CONFIDENTIAL ... In this scenario, we do not have an , so we will never challenge the user for a username or password. However, the transport guarantee says that this entire webapp (i.e. all URIs that match "/*") can only be accessed via SSL, so Tomcat will do an automatic redirect (to port 8443 in this case, because of your server.xml configuration below). Craig McClanahan > The server.xml looks like: > > > > > className="org.apache.catalina.connector.http.HttpConnector" >port="8080" minProcessors="5" maxProcessors="75" >enableLookups="true" redirectPort="8443" >acceptCount="10" debug="0" connectionTimeout="6"/> > > > > className="org.apache.catalina.connector.http.HttpConnector" >port="8443" minProcessors="5" maxProcessors="75" >enableLookups="true" > acceptCount="10" debug="0" scheme="https" secure="true"> >className="org.apache.catalina.net.SSLServerSocketFactory" >keystorePass="nordwest" clientAuth="false" > protocol="TLS"/> > > --snip-- > --snap-- > > > Any suggestions? > -- > TIA Bernhard Wraase > > >
Re: howto redirect
On Thu, 26 Jul 2001, Bernhard Wraase wrote: > In the docs it seems simple... > Even in the thread recently > > But it don't work. > Each request works: > http://127.0.0.1:8080 ->http://127.0.0.1:8080/index.html > https://127.0.0.1:8443 ->https://127.0.0.1:8443/index.html > > But I want this: > http://127.0.0.1:8080 ->https://127.0.0.1:8443/index.html > If you want Tomcat 4.0 to automatically do this redirect for you, then you need to set up a security constraint inside the web.xml file of your ROOT web app, and have that constraint require SSL. For example: ... The Entire Web App /* CONFIDENTIAL ... In this scenario, we do not have an , so we will never challenge the user for a username or password. However, the transport guarantee says that this entire webapp (i.e. all URIs that match "/*") can only be accessed via SSL, so Tomcat will do an automatic redirect (to port 8443 in this case, because of your server.xml configuration below). Craig McClanahan > The server.xml looks like: > > > > > className="org.apache.catalina.connector.http.HttpConnector" >port="8080" minProcessors="5" maxProcessors="75" >enableLookups="true" redirectPort="8443" >acceptCount="10" debug="0" connectionTimeout="6"/> > > > > className="org.apache.catalina.connector.http.HttpConnector" >port="8443" minProcessors="5" maxProcessors="75" >enableLookups="true" > acceptCount="10" debug="0" scheme="https" secure="true"> >className="org.apache.catalina.net.SSLServerSocketFactory" >keystorePass="nordwest" clientAuth="false" > protocol="TLS"/> > > --snip-- > --snap-- > > > Any suggestions? > -- > TIA Bernhard Wraase > > >
Re: howto redirect
Thank you for your response Rams, > this is not possible.. but what does this mean? 1.) Redirect won't work at all or 2) It should work because the server.xml seems to be okay or 3) It can't work because the server.xml has severe failures or 4) Something else TIA Bernhard Wraase
RE: howto redirect
this is not possible.. Rams -Original Message- From: Bernhard Wraase [mailto:[EMAIL PROTECTED]] Sent: Thursday, July 26, 2001 3:12 PM To: [EMAIL PROTECTED] Subject: howto redirect In the docs it seems simple... Even in the thread recently But it don't work. Each request works: http://127.0.0.1:8080 ->http://127.0.0.1:8080/index.html https://127.0.0.1:8443 ->https://127.0.0.1:8443/index.html But I want this: http://127.0.0.1:8080 ->https://127.0.0.1:8443/index.html The server.xml looks like: --snip-- --snap-- Any suggestions? -- TIA Bernhard Wraase