Anyone know how to configure Tomcat (5.0) to simply reject a non-HTTPS request when the transport guarantee is CONFIDENTIAL, rather than to issue a redirect?
I can't find anything on this in the documentation. I tried removing the redirectPort attribute from the Connector element, and it seemed to make no difference. The doc says this:
|redirectPort|
If this *Connector* is supporting non-SSL requests, and a request is received for which a matching |<security-constraint>| requires SSL transport, Catalina will automatically redirect the request to the port number specified here.
How do I turn off this automatic redirect? I would rather issue an error response.
Thanks, Erik
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
