RE: Redirect port 80 requests to 443
John, I'm not sure if I am missing your point, but it sounds like I wanted to achieve the same thing as you (that is all requests to a standalone instance of Tomcat via https) and I did this by placing the following snippet of code in the /conf/web.xml, which applies to all applications: security-constraint web-resource-collection web-resource-nameAll Servlets/web-resource-name url-pattern/*/url-pattern /web-resource-collection user-data-constraint transport-guarantee CONFIDENTIAL /transport-guarantee /user-data-constraint /security-constraint This goes at the very end of web.xml, just before /web-app. This causes all requests on that Tomcat instance to use https. Does this help at all? Adam -Original Message- From: John Roth [mailto:[EMAIL PROTECTED]] Sent: 07 June 2002 20:59 To: 'Tomcat Users List' Subject: RE: Redirect port 80 requests to 443 Actually, I took it a step further: I wanted to be sure that anyone who goes to http: gets redirected. With just a simple redirection page, someone could still go http://oursite/ourapp and get by without using SSL. Here's what I did: 1. added a new Service with the http connector (port 80) and a single app with 1 page (index.html) and web.xml. 2. The index.html redirects them to https: 3. Snippets of code from server.xml: Service name=Tomcat-(Redirector) Connector className=org.apache.catalina.connector.http.HttpConnector address=x.x.x.x port=80 {remainder removed for ease}/ Engine name=Redirector defaultHost=localhost Host name=localhost debug=4 appBase=webapps unpackWARs=true Context path= docBase=e:/staging/wwwroot/Redirector reloadable=false/ /Host /Engine /Service Service name=Tomcat-(Staging) Connector className=org.apache.catalina.connector.http.HttpConnector address=x.x.x.x port=443 {remainder removed} Factory className=org.apache.catalina.net.SSLServerSocketFactory {remaining SSL Factory stuff}/ /Connector Engine name=Standalone defaultHost=localhost ... remainder of server.xml ... Thanks, John -Original Message- From: Richard S. Huntrods [mailto:[EMAIL PROTECTED]] Sent: Friday, June 07, 2002 3:38 PM To: [EMAIL PROTECTED] Subject: RE: Redirect port 80 requests to 443 John Roth said: This seems simple, but ... I am running Tomcat 4.0.3, standalone on w2k. I would like all requests to http://oursite/ to be automatically redirected to https://oursite/ but am not finding an elegant/simple solution. Below is a snippet from server.xml: Why not simply create a web page that automatically redirects the request to the https page? That is what I did and it works fine. -Richard -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] ** This message may contain information which is confidential or privileged. If you are not the intended recipient, please advise the sender immediately by reply e-mail and delete this message and any attachments without retaining a copy. ** -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Redirect port 80 requests to 443
Hi John, Tomcat will do this automatically with your app but it has to know that it is meant for the secure port only. You tell it this by including something like the following in your web.xml for the app. security-constraint web-resource-collection web-resource-nameappName/web-resource-name url-pattern/*/url-pattern /web-resource-collection user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint Rick - Original Message - From: John Roth [EMAIL PROTECTED] This seems simple, but ... I am running Tomcat 4.0.3, standalone on w2k. I would like all requests to http://oursite/ to be automatically redirected to https://oursite/ but am not finding an elegant/simple solution. Below is a snippet from server.xml: Connector className=org.apache.catalina.connector.http.HttpConnector port=80 minProcessors=2 redirectPort=443 maxProcessors=15 enableLookups=false acceptCount=10/ Connector className=org.apache.catalina.connector.http.HttpConnector port=443 minProcessors=2 maxProcessors=15 enableLookups=false acceptCount=10 scheme=https secure=true Factory className=org.apache.catalina.net.SSLServerSocketFactory keystoreFile=***.keystore keystorePass=* clientAuth=false protocol=TLS/ /Connector Any ideas/pointers? Thanks, John Roth, Director net.Media Provider Solutions Corp. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Redirect port 80 requests to 443
John Roth said: This seems simple, but ... I am running Tomcat 4.0.3, standalone on w2k. I would like all requests to http://oursite/ to be automatically redirected to https://oursite/ but am not finding an elegant/simple solution. Below is a snippet from server.xml: Why not simply create a web page that automatically redirects the request to the https page? That is what I did and it works fine. -Richard -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Redirect port 80 requests to 443
Actually, I took it a step further: I wanted to be sure that anyone who goes to http: gets redirected. With just a simple redirection page, someone could still go http://oursite/ourapp and get by without using SSL. Here's what I did: 1. added a new Service with the http connector (port 80) and a single app with 1 page (index.html) and web.xml. 2. The index.html redirects them to https: 3. Snippets of code from server.xml: Service name=Tomcat-(Redirector) Connector className=org.apache.catalina.connector.http.HttpConnector address=x.x.x.x port=80 {remainder removed for ease}/ Engine name=Redirector defaultHost=localhost Host name=localhost debug=4 appBase=webapps unpackWARs=true Context path= docBase=e:/staging/wwwroot/Redirector reloadable=false/ /Host /Engine /Service Service name=Tomcat-(Staging) Connector className=org.apache.catalina.connector.http.HttpConnector address=x.x.x.x port=443 {remainder removed} Factory className=org.apache.catalina.net.SSLServerSocketFactory {remaining SSL Factory stuff}/ /Connector Engine name=Standalone defaultHost=localhost ... remainder of server.xml ... Thanks, John -Original Message- From: Richard S. Huntrods [mailto:[EMAIL PROTECTED]] Sent: Friday, June 07, 2002 3:38 PM To: [EMAIL PROTECTED] Subject: RE: Redirect port 80 requests to 443 John Roth said: This seems simple, but ... I am running Tomcat 4.0.3, standalone on w2k. I would like all requests to http://oursite/ to be automatically redirected to https://oursite/ but am not finding an elegant/simple solution. Below is a snippet from server.xml: Why not simply create a web page that automatically redirects the request to the https page? That is what I did and it works fine. -Richard -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]