Hi - I am new to all forms of web server configuration, so please bear with
me!
I am using Apache+mod_ssl and tomcat (mod_jk), with Cocoon installed under
tomcat. I wish to create a username and logon page index.xml with secure
transmission of data to connection.xml.
After much agony, I managed to get to the stage where
https://<the-host>/Cocoon/Connection/index.xml would give me a secure
connection. However, http://<the-host>/Cocoon/Connection/index.xml would
still work to give a non-secure connection.
I added SSLRequireSSL to the <Directory> pointing to
$TOMCAT-HOME/webapps/Cocoon, and included SSLOptions +StrictRequire in the
SSL configuration, but to no avail.
Do I need to inform tomcat of the SSL requirement, and if so how?
Many thanks,
Bob.
