On 27/05/2014 17:31, John Smith wrote: > Tomcat 7.0.42, RHEL6, JDK1.7.0_25, Standalone TC configuration. IPTABLES > route port 80 to 8080 > > I've got a subdirectory like 'www.mysite.com/admin' that I want to put > under FORM based authentication. That's clear enough, and I've got the java > keytool cert working well enough on my dev box until I get one from a CA. > > Couple of questions: > > 1. Anyone familiar with any problems routing 443 to 8443 on *nix boxes for > TC SSL certs? It's preferable to not have my end users needing port > numbers. The cert doesn't care about the port, IIRC.
Should be fine. > 2. With the SSL connector enabled, https://* is globally respected on the > entire webapp. Do I need to manually check the URL/protocol to deny or > redirect https to http outside of '/admin'? Is there any built in TC > mechanism or suggested best practice to handle this? or should I not care? Nothing to automatically handle https -> http. Unless it causes an issue, I'd just leave it. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
