Adding the following lines to your deployment descriptor ( web.xml ) will do the trick
:
<security-constraint>
<web-resource-collection>
<web-resource-name>Entire Application</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
However - Does anyone know how to configure this in server.xml rather than web.xml. I
would really be able to configure it on a
server by server basis ( e.g. development vs. production machines ). ?
Steph
> -----Original Message-----
> From: Raghu Karamel [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 11, 2003 8:49 PM
> To: [EMAIL PROTECTED]
> Subject: Redirecting HTTP requests to HTTPS
>
>
> Experts,
>
> Need your help!!
>
> I have both the HTTP (port 8080) and HTTPS (Port 8443) working with my Tomcat server
> (Version 3.2.. I believe).
>
> So is there any way I can get all the HTTP requests redirected to HTTPS by Tomcat?
> Something by tweaking the Tomcat
> configuration files?
>
> I do not have an Apache server there to serve Tomcat, otherwise I would have used
> the mod_rewrite to get that done.
>
> Thanks and your help will be appreciated.
>
> Raghu
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
