This procedure describes how to change the Tomcat configuration to automatically redirect HTTP to HTTPS. This is an optional procedure to enhance security.
NOTE: A connector with the redirect rule must exist in the server.xml file, as follows:
<Connector port="18080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
***port (redirect from)= <HTTP_PORT> ; redirectPort (redirect to)=<HTTPS_PORT>
To redirect HTTP to HTTPS:
<security-constraint>Na
<web-resource-collection>
<web-resource-name>Redirect Application</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
Parent Topic |