We are running Tomcat 5.5.20 as a standalone web server for a
third-party's web and servlet applications.  On this server (Linux),
Iptables is redirecting ports 80 to 8080 and 443 to 8443 (to run Tomcat as
a regular user). In addition, we are interested in configuring Tomcat so
that requests to port 8080 (default ports for both applications) are
automatically redirected to port 8443.

After performing the steps below, the redirect does not work. In
a web browser, both ports (8080 & 8443) can be accessed directly, but we only
want port 8443 available for use.  Any ideas on how to fix this are
appreciated.

(1) Created a self-signed certificate and changed the default keystore
password.

(2) Un-commented the SSL HTTP/1.1 Connector section in server.xml (see
below).

<Connector port="8443" maxHttpHeaderSize="8192"
           maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
           enableLookups="false" disableUploadTimeout="true"
           acceptCount="100" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS"
           keystoreFile="/some/file/path"
           keystorePass="somepassword" />

(3) In file, $CATALINA_HOME/conf/web.xml, added the following:

<security-constraint>
  <web-resource-collection>
    <web-resource-name>Entire Application</web-resource-name>
    <url-pattern>*</url-pattern>
    <http-method>GET</http-method>
    <http-method>POST</http-method>
  </web-resource-collection>
  <user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
</security-constraint>

(4) Restarted Tomcat.

-- 
Latesha Williams
Applications Support, Information Technology
American Museum of Natural History
[EMAIL PROTECTED]
212.769.5947
917.837.2460
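
An added example, not part of the original post: a small audit of the web.xml constraint from step (3) against the Servlet specification's rules, under which a url-pattern is a path mapping (`/.../*`), an extension mapping (`*.ext`), the default mapping (`/`) or otherwise an exact match, and a constraint that lists http-method elements applies only to those methods. The function names and the `<web-app>` wrapper are assumptions made for the example; the sample is constructed from the XML in step (3).

```python
import xml.etree.ElementTree as ET

# Constructed sample: the constraint from step (3) inside a <web-app> root.
SAMPLE_WEB_XML = """<web-app><security-constraint>
  <web-resource-collection>
    <web-resource-name>Entire Application</web-resource-name>
    <url-pattern>*</url-pattern>
    <http-method>GET</http-method>
    <http-method>POST</http-method>
  </web-resource-collection>
  <user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
</security-constraint></web-app>"""


def pattern_kind(p):
    """Classify a url-pattern by the Servlet specification's mapping rules."""
    if p.startswith("/") and p.endswith("/*"):
        return "path"
    if p.startswith("*."):
        return "extension"
    if p == "/":
        return "default"
    return "exact"  # any other string matches only itself


def texts(parent, name):
    """Text of every descendant called `name`, ignoring any XML namespace."""
    return [e.text.strip() for e in parent.iter()
            if e.tag.rsplit("}", 1)[-1] == name and e.text]


def audit_transport(web_xml):
    """Return (code, detail) findings for constraints that require TLS."""
    findings = []
    root = ET.fromstring(web_xml)
    for sc in root.iter():
        if sc.tag.rsplit("}", 1)[-1] != "security-constraint":
            continue
        if not set(texts(sc, "transport-guarantee")) & {"CONFIDENTIAL", "INTEGRAL"}:
            continue
        kinds = {p: pattern_kind(p) for p in texts(sc, "url-pattern")}
        if "/*" not in kinds:
            findings.append(("pattern", "no '/*' pattern; found %r" % kinds))
        methods = texts(sc, "http-method")
        if methods:
            findings.append(("methods", "only %s are covered" % ", ".join(methods)))
    return findings
```

Calling `audit_transport(SAMPLE_WEB_XML)` reports both a pattern finding and a methods finding for the constraint as posted.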

