Skip to content

tomcat ssl

August 14, 2008

Use the web-resource-collection and user-data-constraint tag together for redirecting auto from http to https when both are enabled on tomcat.

<web-resource-collection>
<web-resource-name>SSL</web-resource-name>
<url-pattern>/loginPage*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>

But if you are using the top.location.htref = to set the url then the above will not work in case of redirection – better to use – https in the url itself and then redirect.

Enable both http and https and control which pages wish to have ssl using tomcat.

🙂

Advertisements
No comments yet

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: