In tomcat force http connection to https
when your first sentence is not a typo, just add a connector for http on port 8080 and add the redirect as you described. you can't have http and https listen on the same port. so let http listen on port 8080 and https on port 8443.
Related videos on Youtube
Comments
-
josdev over 1 year
I am trying to force a connection to
http://localhost:8443
tohttps://localhost:8443
. The site works correctly if they go tohttps://localhost:8443
. In case the user forgets the s in https I would like tomcat to correct it for them.I only have one connector for https, defined as:
<Connector port="8443" rediretPort="8443" protocol="HTTP/1.1" connectionTimeout="20000" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keyAlias="alias" keystoreFile="keystore.jks" keypass="PASSWORD" />
This is on a Windows server. Tomcat 6 is a standalone server (not connected to IIS).
I have tried to modify web.xml to include the following:
<security-constraint> <web-resource-collection> <web-resource-name>Protected Context</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint>
This does not work for me. From what I have read, this would redirect a user from
http://localhost:8080
tohttps://localhost:8443
(if the connector 8080 defined the redirectPort as 8443).I am not sure this is even possible with a standalone Tomcat server. I know this is possible with apache mod_rewrite or some other similar solution, but I do not want to install any other service on the Windows machine.
-
josdev over 14 yearsThat does not help when a user types
http://localhost:8443
. This would work if they did not have to specify a port. Unfortunately the defaults ports 80/443 are in use. Thus I have to use port 8443. My issue was if it was possible to have a http and https listen on the same port. As you stated they cannot. I guess what I was trying to do is not possible. -
user2987902 over 14 yearscould you add a vhost to your webserver already listening on port 80/443? you could configure it to act as a reverse proxy in front of your tomcat. this way your users could use the default ports.