-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Chuck,
On 2/12/16 3:06 PM, Caldarale, Charles R wrote: >> From: James H. H. Lampert [mailto:jam...@touchtonecorp.com] >> Subject: Re: Does Tomcat need a non-ssl connector? > >> On 2/12/16, 11:40 AM, m...@kimwana.com wrote: > >>> Perhaps I should have phrased this differently. I want to >>> force clients to ssl. When they hit http://app.myurl.com their >>> browser should load https://app.myurl.com > >> Wouldn't mind knowing that myself. All the Tomcat installations >> I'm responsible for are set up to simply reject non-secured >> connections (that's EASY, just comment out the non-secured >> connector); I'm sure some customers would like it to behave as >> you describe. > > Read the servlet spec. +1 > Simply set transport-guarantee to CONFIDENTIAL for all URL > patterns (/*). You can do this in the global conf/web.xml, if > desired. Not quite: there is still a bit of Tomcat configuration that needs to be done. The default configuration will do this correctly (redirect port 8080 -> 8443). If you want different port numbers, you'll need to read the configuration reference for the HTTP connector. - -chris -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAla+XogACgkQ9CaO5/Lv0PBYpACfcRriDcScS0UUbq6cFvOiCpfq QnUAnRGtVj7K0G+3PtUI2M5uF+mu3/hr =nzQi -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
