«

»

May 20

Tomcat 8 redirect and force SSL

Edit the tomcat8/conf/server.xml and add the following for 80, and another for 8080 if need be.

<Connector port=”80″ protocol=”HTTP/1.1″
connectionTimeout=”20000″
URIEncoding=”UTF-8″
enableLookups=”false”
redirectPort=”443″ />

Now Edit the tomcat8/conf/web.xml and at the bottom just above </web-app> put in the following and changing Entire Application to your application in webapps.

<!– SSL settings. only allow HTTPS access to MY APPLICATION –>
<security-constraint>
<web-resource-collection>
<web-resource-name>Entire Application</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<!– auth-constraint goes here if you requre authentication –>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>

Now restart the tomcat service.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>