Hey all,
We are using Tomcat 6.0 / Apache 2.2. We would like the user to login
over HTTPS rather than plain HTTP.
So, I have defined the following security-constraint in the web.xml
file of our web application:
<security-constraint>
<display-name>Login</display-name>
<web-resource-collection>
<web-resource-name>Login</web-resource-name>
<url-pattern>/spring_security_login</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
When a user clicks on the login link <a
href="/spring_security_login">Login</a>, he/she is redirected to the
following URL and the browser shows an "Unable to connect" error:
https://ourwebsite.com:8443/spring_security_login
What do I need to do so that the user is directed to
https://ourwebsite.com/spring_security_login instead (which, displays
the login page correctly). i.e. I do not want a port number in the
URL.
Please advise.
Thank you!
Joe
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
