Dear Tomcat users/Devs,

We have our app (deployed to Tomcat as a WAR) redirecting all port 80 traffic
to 443.
Currently, anything accessed on port 80 gets a 302 redirect response.

We are trying to update Tomcat config so that it returns 301 instead of 302.
We have been able to do it for a subset of URLs, but not for all URLs.

E.g. http://test-host/api/ returns 301, but http://test-host/ returns 302


-bash-4.2$ curl -i http://test-host/api/
HTTP/1.1 301
Cache-Control: private
Location: https://test-host/api/
Content-Length: 0
Date: Thu, 01 Dec 2022 11:58:39 GMT
Server: Web server

-bash-4.2$ curl -i http://test-host/api
HTTP/1.1 302
Location: https://test-host/tgc/index.html
Content-Length: 0
Date: Thu, 01 Dec 2022 11:58:57 GMT
Server: Web server

-bash-4.2$ curl -i http://test-host/
HTTP/1.1 302
Location: https://test-host/tgc/index.html
Content-Length: 0
Date: Thu, 01 Dec 2022 11:59:01 GMT
Server: Web server

Here is the config in our $CATALINA_BASE/conf/server.xml


    <Engine name="Catalina" defaultHost="localhost">
      <Realm className="org.apache.catalina.realm.NullRealm"
               transportGuaranteeRedirectStatus="301"/>

      <Host name="localhost"  appBase="webapps"
            unpackWARs="true" autoDeploy="true">

We have only one engine named Catalina, and only one host named localhost.

$CATALINA_BASE/conf/web.xml defines the transport-guarantee to be CONFIDENTIAL:


    <security-constraint>
        <web-resource-collection>
            <web-resource-name>SSL-Only Resources</web-resource-name>
            <description>
                http access to these URL patterns should be automatically redirected to https.
                Note that we do not use the http-method tag, so we are restricting all methods.
            </description>
            <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>

Our app is deployed as $CATALINA_BASE/webapps/ROOT.war
There is no other app under the ‘webapps’ directory.

Could you please help us figure out the right configuration for all URLs to 
return 301 status when accessed using http?
Basically, we are looking for URL http://test-host/ and any
child URLs to return status 301.

Here are system details

OS: CentOS 7
Tomcat version: 8.5.82
Java: Amazon Corretto 11.0.14.9.1

Looks like it depends on transport-guarantee configuration, but we haven’t been 
able to figure out the right way to do it for all URLs served by the server.

Thanks,
Atul

Note: I have gone through several online resources looking for an answer. I
have listed a few of them below.

https://tomcat.apache.org/tomcat-8.5-doc/config/realm.html#Null_Realm_-_org.apache.catalina.realm.NullRealm
https://stackoverflow.com/questions/32817514/perform-301-redirect-from-http-to-https-in-apache-tomcat
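
An added example, not part of the original message: a small shell check that reads `curl -i` response heads and reports, per URL, whether the redirect is a 301 and whether its Location keeps the requested path (in the output above the 301 does, while both 302s point at /tgc/index.html). The function names are hypothetical, and "same path over https" as the expected target is an assumption taken from the 301 response in the post.

```shell
#!/bin/sh
# Added example (not from the original post). Reads a `curl -i` response head
# on stdin and reports whether the redirect for URL ($1) is a 301 to the same
# host, path and query over https. Output: "<status> <verdict> [<location>]".
classify_redirect() {
    expected="https://${1#http://}"      # assumption: https on the default port
    awk -v expected="$expected" '
        { sub(/\r$/, "") }                       # strip CR from CRLF lines
        NR == 1 { status = $2; next }            # status line, e.g. HTTP/1.1 301
        tolower($1) == "location:" { loc = $2 }
        END {
            if (status !~ /^3[0-9][0-9]$/) { print status, "no-redirect"; exit }
            kind = (status == "301") ? "permanent" : "temporary"
            path = (loc == expected) ? "same-path" : "other-path"
            print status, kind "/" path, loc
        }'
}

# Live check for one URL (needs network access; not run by the demo below).
check_live() {
    curl -s -o /dev/null -D - "$1" | classify_redirect "$1"
}

# Response heads copied from the post (Date and Server headers omitted).
sample_head() {
    case $1 in
        http://test-host/api/)
            printf 'HTTP/1.1 301\r\nCache-Control: private\r\nLocation: https://test-host/api/\r\nContent-Length: 0\r\n\r\n' ;;
        *)
            printf 'HTTP/1.1 302\r\nLocation: https://test-host/tgc/index.html\r\nContent-Length: 0\r\n\r\n' ;;
    esac
}

# Demo over the three URLs requested in the post.
for url in http://test-host/api/ http://test-host/api http://test-host/; do
    printf '%s -> ' "$url"
    sample_head "$url" | classify_redirect "$url"
done
```

Against a running server, `check_live http://test-host/` produces the same one-line verdict for a single URL.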
