DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=24593>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=24593 Redirect http to https Summary: Redirect http to https Product: Tomcat 4 Version: 4.1.24 Platform: PC OS/Version: Windows XP Status: NEW Severity: Blocker Priority: Other Component: Catalina AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] I'm using jakarta-tomcat-4.1.24 When I browse to my http page, I want the user to be redirected to my https page, like: http://localhost/index.jsp should be redirected to https://localhost/index.jsp and from then on it should continue to use HTTPS. In this regard, I changed my server.xml and web.xml as follows... server.xml ---------- <!-- Define a non-SSL HTTP/1.1 Connector on port 8080 --> <Connector className="org.apache.catalina.connector.http.HttpConnector" address="localhost" port="80" minProcessors="5" maxProcessors="75" enableLookups="true" redirectPort="443" useURIValidationHack="false" disableUploadTimeout="true" acceptCount="10" debug="0" connectionTimeout="60000"/> <!-- Define an SSL HTTP/1.1 Connector on port 8443 --> <Connector className="org.apache.catalina.connector.http.HttpConnector" address="localhost" port="443" minProcessors="5" maxProcessors="75" enableLookups="true" useURIValidationHack="false" disableUploadTimeout="true" acceptCount="10" debug="0" scheme="https" secure="true"> <Factory className="org.apache.catalina.net.SSLServerSocketFactory" keystoreFile="C:/certificates/server.p12" keystorePass="nasdadbaskukndssdfkslfsdf" keystoreType="pkcs12-def" clientAuth="false" protocol="TLS"/> </Connector> web.xml ------- <security-constraint> <web-resource-collection> <web-resource-name>loginRequired</web-resource-name> <url-pattern>/ip/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>admin</role-name> </auth-constraint> </security-constraint> <security-constraint> <web-resource-collection> <web-resource-name>SSL login</web-resource-name> <url-pattern>/log_on.jsp</url-pattern> </web-resource-collection> <user-data-constraint> <description>Secured</description> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/log_on.jsp</form-login-page> <form-error-page>/error.jsp</form-error-page> </form-login-config> </login-config> But, when I browse to http://localhost/index.jsp, it still uses HTTP. Can you suggest me the right way to do it. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
