-
-
Save jtgasper3/10501274 to your computer and use it in GitHub Desktop.
| <!-- | |
| To force Tomcat to redirect and revert all requested HTTP traffic over to HTTPS, configure the `conf/web.xml` file with the below block. | |
| This should be placed at the very end of the file near and above the ending `</webapp>` tag: | |
| --> | |
| <security-constraint> | |
| <web-resource-collection> | |
| <web-resource-name>Automatic Forward to HTTPS/SSL | |
| </web-resource-name> | |
| <url-pattern>/*</url-pattern> | |
| </web-resource-collection> | |
| <user-data-constraint> | |
| <transport-guarantee>CONFIDENTIAL</transport-guarantee> | |
| </user-data-constraint> | |
| </security-constraint> |
Not working with tomcat8 if we are using running under aws ALB. and ssl on ALB
Hi @ashokkumar2003, any solution for ALB with SSL?
Some applications don't work correctly with that security-constraint, so I followed a completely different approach:
- Edit
conf/server.xmland add the following element into<Host name="localhost" ...>:
<Valve className="org.apache.catalina.valves.rewrite.RewriteValve" />
- Create the file
conf/Catalina/localhost/rewrite.config:
RewriteCond %{HTTPS} =off
RewriteRule ^(.*) https://%{HTTP_HOST}:443$1 [R=301]
@albertus82 - I found that the <security-constraint> technique listed here doesn't work with the Waffle libraries (Windows) - but using the rewrite valve does work. Thank you!
works fine, thx
This works, but it does not cover the manager app and the host-manager app (Tomcat 8.5.38).
It's better to put a valve into conf/context.xml that redirects all http requests to https.
https://bitbucket.org/bunkenburg/https-valve/src/master/
Some applications don't work correctly with that
security-constraint, so I followed a completely different approach:* Edit `conf/server.xml` and add the following element into `<Host name="localhost" ...>`:<Valve className="org.apache.catalina.valves.rewrite.RewriteValve" />* Create the file `conf/Catalina/localhost/rewrite.config`:RewriteCond %{HTTPS} =off RewriteRule ^(.*) https://%{HTTP_HOST}:443$1 [R=301]
Hi! I am using the rewrite valve but can't get it to work. It loads and rules is applied (at least in the logs it shows as applied), but when I run IP:PORT in my browser it does not replace anything. Any ideas? I have been researching the whole internet searching for overwritting http pattern but I only see your method.
I think it may have something to do with the server.xml config, I am not using the localhost interface to run tomcat, how can I check that the Rewrite valve is being applied to all hosts? Im using a vm running on a remote server.
Thanks in advance :)
Thanks, that's great, problem solved
Thank you very much. it solved my problem that i have been looking for weeks :D
that should be: ".. the ending
</web-app>tag"(there's a dash in there)