Fixed it by brute force. First, I tried putting the changes ONLY in ../tomcat/webapps/ROOT/WEB-INF/web.xml instead of ../tomcat/conf/web.xml
The good news is that didn't affect the servlet application. The bad news is now the http://mydomain.com/ started getting the 404 error. So I undid that and the error went away. That led me to the brute force approach. The application (servlets on tomcat) has a large set of static web pages that are used as promotional material for the application. In the early days this was on a different apache server, but over the years (and due to colocation costs) migrated to the ROOT directory of tomcat. It's always worked just fine, so why mess with stuff that's working and not 'wrong'. There are about a dozen html pages and lots of other files, but only the dozen html pages matter. They all have a single link (via tabbed menu) to "index.html". It was not difficult to rename index.html to be home.html and change all the links (took all of 10 min total). I then created a new index.html with the single key line in <head>: <meta http-equiv="Refresh" content="0;url=https://mydomain.com/home.html";> This line I've used before in other java servlet/tomcat applications when I really want http://mydomain.com to automatically redirect to the servlet application (I change home.html to the servlet URL). It works. After making this change - and I didn't even have to restart tomcat - it now works perfectly. Eventually I'll figure out what I did wrong trying to use web.xml to do the above auto-redirection, but this works and is simple. -R On 7/20/2019 7:47 AM, Richard Huntrods wrote: > OK. That was really weird. > > As I said in my message, following the directions on the web did NOT > work. It didn't force redirection from http to https. > > What it DID end up doing was to kill the tomcat servlet application. > Before the change it was working fine, and after the change it would > only generate a 404 page. > > I reverted to the original /conf/web.xml, restarted tomcat and the > servlet application is back up and running perfectly. > > So this code in /conf/web.xml affected the servlet but not the ROOT > static web pages. > > I'm thinking I need to make the change I noted, but in ROOT/web.xml > instead. I'll try that today. But it was weird that the change in > /conf/web.xml killed the servlet but didn't affect the ROOT static > pages at all. Especially weird since the servlet application ONLY > runs on port 443 (https). > > -R > > On 7/19/2019 7:18 PM, Richard Huntrods wrote: >> I tried implementing automatic redirection from HTTP to HTTPS on my >> tomcat today, but it's not working. >> >> First, my system: >> OS: Ubuntu 18.04.2 LTS (server) >> Tomcat: 9.0.22 (installed from tomcat distribution, not via apt get) >> Java: OpenJDK "11.0.3" 2019-04-16 >> Mysql: Ver 14.14 Distrib 5.7.26 >> >> This web application has it's own domain (let's call it >> "mydomain.com" ) and has working HTTPS - and has done for some time >> now. >> >> Static web pages are served on this application via tomcat using the >> ROOT directory ../tomcat/webapps/ROOT >> >> Again, this is working just fine. If I type "https://mydomain.com"; I >> see the secure static pages. If I type "http://mydomain.com"; I see >> the same pages, but browsers inform me the page isn't secure. >> >> I want to force tomcat to redirect "http://mydomain.com"; to >> "https://mydomain.com"; always. >> >> I found instructions for auto-redirection on several on-line sites, >> and all had the same instructions. >> >> I already have the redirect code in server.xml: >> >> <Connector port="80" protocol="HTTP/1.1" >> connectionTimeout="20000" >> redirectPort="443" /> >> >> So all I had to add (according to the instructions) was code at the >> end of ...tomcat/conf/web.xml >> >> <security-constraint> >> <web-resource-collection> >> <web-resource-name>Secured</web-resource-name> >> <url-pattern>/*</url-pattern> >> </web-recource-collection> >> <user-data-constraint> >> <transport-guarantee>CONFIDENTIAL</transport-guarantee> >> </user-data-constraint> >> </security-constraint> >> >> just before the final </web-app> >> >> I did this and restarted tomcat. It doesn't work. >> >> After restarting tomcat, if I type in "http://mydomain.com"; I still >> see the unsecured version. It does not auto-redirect to https. >> >> What am I missing? >> >> Thanks, >> -Richard --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus -- This communication is intended for the use of the recipient to whom it is addressed, and may contain confidential, personal, and or privileged information. Please contact us immediately if you are not the intended recipient of this communication, and do not copy, distribute, or take action relying on it. Any communications received in error, or subsequent reply, should be deleted or destroyed. --- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
