Aha! I had <user-dat*e*-constraint/>!! Doh.
Knight, Digby wrote:
Hi all,
I know this has been discussed a thousand times, but I've just tried to set up HTTPS redirection on Tomcat 5.0.19 or 24, and no matter what I do or what instructions I follow, it won't work. Below are snips from my server.xml and application's web.xml - are they okay, or do I need to do anything else? I've tried having BASIC, FORM, NONE and no authentication, with and without roles and loads of other permutations.
So below, I hit /index.jsp okay, and then hitting /pp/index.jsp just takes me straight there - no redirect to https.
Https is working if I go there - there are no problems with the certificate.
Many thanks
Digby
server.xml
...
<Connector acceptCount="100" connectionTimeout="20000" debug="0" disableUploadTimeout="true" enableLookups="false" maxSpareThreads="75" maxThreads="150" minSpareThreads="25" port="80" redirectPort="443" scheme="http" secure="false"/>
<Connector acceptCount="100" disableUploadTimeout="true" enableLookups="false" keystoreFile="****" keystorePass="****" maxProcessors="75" port="443" redirectPort="80" scheme="https" secure="true" sslProtocol="TLS">
  <Factory className="org.apache.coyote.tomcat5.CoyoteServerSocketFactory" clientAuth="true" keystoreFile="****" keystorePass="****"/>
</Connector>
...
web.xml
...
<security-constraint>
  <web-resource-collection>
    <web-resource-name>Secure Areas</web-resource-name>
    <url-pattern>/pp/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
    <role-name>reg_user</role-name>
  </auth-constraint>
  <user-date-contraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-date-contraint>
</security-constraint>
<security-constraint>
  <web-resource-collection>
    <web-resource-name>Inecure Areas</web-resource-name>
    <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <user-date-contraint>
    <transport-guarantee>NONE</transport-guarantee>
  </user-date-contraint>
</security-constraint>
<!--login-config>
  <realm-name>Secure Areas</realm-name>
  <auth-method>FORM</auth-method>
  <form-login-config>
    <form-login-page>/login.jsp</form-login-page>
    <form-error-page>/loginError.jsp</form-error-page>
  </form-login-config>
</login-config-->
<security-role>
  <role-name>reg_user</role-name>
</security-role>
...
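
An added example, not part of the original messages and not Tomcat code: a small Python check that flags the failure in this thread, where a misspelled child of <security-constraint> left /pp/* without an effective transport guarantee. The ALLOWED set follows the Servlet deployment descriptor; the function names and the sample document are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Children the Servlet deployment descriptor permits inside <security-constraint>.
ALLOWED = {"display-name", "web-resource-collection",
           "auth-constraint", "user-data-constraint"}

# Constructed sample that reproduces the misspelling from the thread.
SAMPLE = """<web-app>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Secure Areas</web-resource-name>
      <url-pattern>/pp/*</url-pattern>
    </web-resource-collection>
    <user-date-contraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-date-contraint>
  </security-constraint>
</web-app>"""


def local(tag):
    """Drop a namespace prefix such as {http://java.sun.com/xml/ns/j2ee}."""
    return tag.rsplit("}", 1)[-1]


def audit(web_xml):
    """Return one (url_patterns, unknown_children, guarantee) tuple per constraint."""
    findings = []
    root = ET.fromstring(web_xml)
    for sc in (e for e in root.iter() if local(e.tag) == "security-constraint"):
        patterns = [e.text.strip() for e in sc.iter()
                    if local(e.tag) == "url-pattern" and e.text]
        unknown = [local(c.tag) for c in sc if local(c.tag) not in ALLOWED]
        guarantee = None  # stays None when no correctly named element is found
        for c in sc:
            if local(c.tag) == "user-data-constraint":
                for g in c:
                    if local(g.tag) == "transport-guarantee" and g.text:
                        guarantee = g.text.strip()
        findings.append((patterns, unknown, guarantee))
    return findings


if __name__ == "__main__":
    for patterns, unknown, guarantee in audit(SAMPLE):
        if unknown:
            print(f"{patterns}: unrecognised element(s) {unknown}")
        if guarantee not in ("CONFIDENTIAL", "INTEGRAL"):
            print(f"{patterns}: no HTTPS requirement found (guarantee={guarantee})")
```

Run against a real web.xml by passing the file contents to audit(); a constraint that reports an unknown child and a guarantee of None is the situation described above.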
