I read in another message that was posted to this list that you can use the
redirectPort variable in server.xml for a connector to have a non-SSL
connection redirected to a SSL connection?
Can someone tell me what other settings I need to use in order to get this
to work?
Basically, what I want to do is make it so that all connections using
http:// get redirected to https://. i.e. I want to require SSL. However, I
still want the Web server to listen on port 80 that way if I use forgets to
enter the 's' at the end of https they will still get to the right place.
Ideally, I would also like to require 128-bit encryption as well, but, if
anyone can answer the question about redirection, I would be greaty
appreciative.
Anyone know how to do this?
Also, I'm wondering if the variables and values for web.xml and server.xml
are documented somewhere? For example, I'm thinking that maybe there is a
<security-constraint> setting that you may need to use that specifies that
access to a servlet needs to be over SSL or something?
Jon
