-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Tim,
On 5/31/12 1:16 PM, Timothy J Schumacher wrote: > I am wondering if there is a way to use transport CONFIDENTIAL for > all hosts that are not localhost? I am guessing the servlet spec > does not allow this, it seems to be all or none in the web.xml > config. Correct: the servlet spec has no provision for doing this via configuration. > Perhaps there is a way configure transport NONE in web.xml and then > manually configure a valve/filter in context.xml that would enforce > CONFIDENTIAL to all remote hosts but let localhost pass without > redirects to port 443? You could certainly do that. Take a look at tuckey's url-rewrite project: it may be able to do that with a drop-in JAR file and very simple rule configuration. Otherwise, writing such a filter is pretty trivial. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk/HxmEACgkQ9CaO5/Lv0PDWTQCeN7kl5KIOp8B0NsDUjd8TyXy4 4wMAnjjKQ3tJpCYeEDwBQKk72nNJJPzI =OnWt -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
