Hi-
You might try using a security constraint in web.xml:
<security-constraint>
<web-resource-collection>
<web-resource-name>SSLPages</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
The web resource name and url pattern will have to be specified
according to your requirements.
-Terence M. Bandoian
>
> Good afternoon,
>
> I have a functional apache web server(2.0.52) and Tomcat(5.0.28) app
> server install. I'm trying to figure out the best way to do a redirect
> to enforce SSL logins.
> I can rewrite the URL with the webserver mod_rewrite BEFORE the
> JkMount directives are applied but not after as it is handed off to
> the Tomcat server.
> So if my URL has a tomcat mount pattern in it, the rewrites do not get
> applied.
> I find that this is a problem in general that the web server rules get
> ignored when passed to the JkMount.
>
>
> I prefer having my certs and SSL work happening in the web server
> level rather than the app server.
> Is there a graceful way of transforming the URL that I'm overlooking
> besides putting it in the app code?
>
> Thank you!
>
> -Kiarna
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
