Tomcat application connect via https only?
I am a newbie to Tomcat. I have 5.0.28. I would like to set up a web application so that one can ONLY connect to it via https. Anyone know how I can do this? I was able to set up Tomcat (via server.xml and certificates) so that one can connect to the app via either http or https and can even force it to redirect http to https via the user-data-constraint and transport-guarentee elements in the web application's web.xml file. BTW the application is an Axis web service if that matters any. Nick
Re: Tomcat application connect via https only?
In the server.xml that comes with tomcat there are 2 HTTP/1.1 connectors defined. One is on port 8080 the other is on port 8443. Comment out the 8080 one and uncomemnt the 8443 one and change the port to 443. Install your cert and you should be good to go. Regards Ben Short On 6/20/07, Vigorito, Nicholas E. [EMAIL PROTECTED] wrote: I am a newbie to Tomcat. I have 5.0.28. I would like to set up a web application so that one can ONLY connect to it via https. Anyone know how I can do this? I was able to set up Tomcat (via server.xml and certificates) so that one can connect to the app via either http or https and can even force it to redirect http to https via the user-data-constraint and transport-guarentee elements in the web application's web.xml file. BTW the application is an Axis web service if that matters any. Nick - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tomcat application connect via https only?
Doing that will make it so that ALL apps on the server can only be connected to via HTTPS, correct? Any way to do it just for one app? Nick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] rg] On Behalf Of ben short Sent: Wednesday, June 20, 2007 11:04 AM To: Tomcat Users List Subject: Re: Tomcat application connect via https only? In the server.xml that comes with tomcat there are 2 HTTP/1.1 connectors defined. One is on port 8080 the other is on port 8443. Comment out the 8080 one and uncomemnt the 8443 one and change the port to 443. Install your cert and you should be good to go. Regards Ben Short On 6/20/07, Vigorito, Nicholas E. [EMAIL PROTECTED] wrote: I am a newbie to Tomcat. I have 5.0.28. I would like to set up a web application so that one can ONLY connect to it via https. Anyone know how I can do this? I was able to set up Tomcat (via server.xml and certificates) so that one can connect to the app via either http or https and can even force it to redirect http to https via the user-data-constraint and transport-guarentee elements in the web application's web.xml file. BTW the application is an Axis web service if that matters any. Nick - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tomcat application connect via https only?
From: Vigorito, Nicholas E. [mailto:[EMAIL PROTECTED] Subject: RE: Tomcat application connect via https only? Doing that will make it so that ALL apps on the server can only be connected to via HTTPS, correct? Any way to do it just for one app? It depends on where you put the transport-guarantee. If it's in the global conf/web.xml, it will apply to all webapps; if it's in a WEB-INF/web.xml, it applies just to that webapp. Read the servlet spec. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat application connect via https only?
I dont know about doing it via the config files, but i guess you could write a filter that will check the requests url is https and if not redirect them to the correct the https url. On 6/20/07, Vigorito, Nicholas E. [EMAIL PROTECTED] wrote: Doing that will make it so that ALL apps on the server can only be connected to via HTTPS, correct? Any way to do it just for one app? Nick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] rg] On Behalf Of ben short Sent: Wednesday, June 20, 2007 11:04 AM To: Tomcat Users List Subject: Re: Tomcat application connect via https only? In the server.xml that comes with tomcat there are 2 HTTP/1.1 connectors defined. One is on port 8080 the other is on port 8443. Comment out the 8080 one and uncomemnt the 8443 one and change the port to 443. Install your cert and you should be good to go. Regards Ben Short On 6/20/07, Vigorito, Nicholas E. [EMAIL PROTECTED] wrote: I am a newbie to Tomcat. I have 5.0.28. I would like to set up a web application so that one can ONLY connect to it via https. Anyone know how I can do this? I was able to set up Tomcat (via server.xml and certificates) so that one can connect to the app via either http or https and can even force it to redirect http to https via the user-data-constraint and transport-guarentee elements in the web application's web.xml file. BTW the application is an Axis web service if that matters any. Nick - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tomcat application connect via https only?
Thanks! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] rg] On Behalf Of Caldarale, Charles R Sent: Wednesday, June 20, 2007 11:16 AM To: Tomcat Users List Subject: RE: Tomcat application connect via https only? From: Vigorito, Nicholas E. [mailto:[EMAIL PROTECTED] Subject: RE: Tomcat application connect via https only? Doing that will make it so that ALL apps on the server can only be connected to via HTTPS, correct? Any way to do it just for one app? It depends on where you put the transport-guarantee. If it's in the global conf/web.xml, it will apply to all webapps; if it's in a WEB-INF/web.xml, it applies just to that webapp. Read the servlet spec. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
