81
[Tomcat] http접속을 https로 리다이렉트 시키기
Admin
출처: http://tkurek.blogspot.kr/2013/07/tomcat-7-http-to-https-redirect.html
톰캣서버 구동 시 http접속을 강제로 https로 돌리는 방법입니다.
톰캣 기본은 http를 8080으로 접속하고 https를 8443으로 접속하게 설정되어 있지만,
예제처럼 80으로 되어있는 것을 443으로 리다이렉트 시키도록 해야겠지요.
Configuration
1)
Update server.xml configuration file
in Tomcat home directory and change the following part of its configuration:
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
URIEncoding="UTF-8"
redirectPort="8443" />
to what's shown below:
<Connector port="80" enableLookups="false"
redirectPort="443" />
2)
Update web.xml configuration file
in Tomcat home directory and add the following content into the end
before the closing </web-app> markup
:
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Context</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<!-- auth-constraint goes here if you requre authentication -->
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
3)
R
estart Tomcat
servlet container.
You're done! The Tomcat always requires secure connection now.
