Of course, one way is to comment out the http connector. The other way is
to include a security-constraint in your web.xml something like:
<security-constraint>
<web-resource-collection>
<web-resource-name>SSL area</web-resource-name>
<url-pattern>/protected/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
This forces all URLs under /myapp/protected to use SSL to process them. Of
course, modify the url-pattern to match your use case.
You can only configure this per-directory with Tomcat-out-of-the-box. To
configure this per-user, you would need to write your own Filter to do this.
"Sarika Inamdar " <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Hi,
>
> We are using tomcat 4.1.24. The server.xml has configuration for http
> and https.
>
> Now if user wants to disable http and use only https, is there a way to
> do that in server.xml.
>
> One way is to comment the config of http is server.xml But we don't want
> to pursure in this direction.
>
> Is there any property we can set in server.xml to disable htpp or https
> based on user preferece.
>
> Please help me on this.
>
> Thanks Much in Advance,
> Sarika
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
