This is part of the servlet specs. In your WEB-INF/web.xml file, you need
a security constraint that says the site should be secure, something like:
<security-constraint>
<web-resource-collection>
<web-resource-name>Entire site</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
The "confidential" keyword ensures that the webapp will require https, so if
you try to get it via http, then the redirect stuff specifed in your
server.xml will be applied.
David
----- Original Message -----
From: "Won Sim" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, October 13, 2004 8:13 AM
Subject: How to redirect http to https automatically?
> I set redirectPort attribute to 443, which is my SSL connector port
number,
> from port 80 connector in the server.xml. This doesn't redirect http to
> https automatically. In other words, I still can access the application
via
> http://server/myapp. I want to know how to redirect http to https
> automatically so when I enter http://server/myapp, Tomcat redirects to
> htts://server/myapp. I am using Tomcat 4.1.30.
>
> Thanks in advance.
> Won.
>
> _________________________________________________________________
> Don't just search. Find. Check out the new MSN Search!
> http://search.msn.click-url.com/go/onm00200636ave/direct/01/
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
