Hi Folks, I've got an application that I'm running over HTTPS and I'd like to make it so that users can't connect to it over plain old HTTP. I think that the web.xml user-data-constraint/transport-guarantee element is what I'm after but I have a question about its behavior. When I set it to CONFIDENTIAL and make a request over HTTPS then all's well, and when I make the same request over HTTPS I get a 403. I suppose that this is OK, if somewhat user-hostile, but I can probably work around it using a listener or some such. I was poking around in JettyConnector.java, however, and it looks like it's trying to configure a few parameters to make Jetty automatically redirect HTTP requests over to HTTPS, but I'm not getting that behavior.
So my question is: how do I enable the auto-redirect behavior? Is there a flag in a plan file that I need to set? Thanks, Toby
