Article
Search
Shameless Plugs
Heads Up
Recent comments
Most Popular
Top Contributors
| User | Points |
|---|---|
| geoffc | 161,300 |
| dlythgoe | 28,295 |
| mfaris01 | 19,630 |
| mbluteau | 19,240 |
| DamianMyerscough | 18,220 |
| aburgemeister | 17,805 |
| mbluteau2 | 16,505 |
| davesimons | 15,300 |
| gchilders | 12,540 |
| dgersic | 11,505 |
Who's online
Online users
- overdorf
- mousewhmouse
- Anonymous
- Anonymous
- Anonymous
- Anonymous
- Anonymous
User login
16302
Redirect Incoming HTTP Requests to HTTPS Before Logging into Novell Teaming
Problem:
Needed to find a solution to use the Liferay/Tomcat web application server to redirect all incoming HTTP requests to HTTPS for secure login username and password.
Solution:
Found a WIKI on Jakarta/Tomcat describing a similar situation which went into detail how to add a "security constraint" section to the Tomcat web.xml file. Even with Tomcat configured to listen on both port 80 and 443, with this particular section of code, all inbound requests to our Teaming portal on port 80 were automatically redirected to port 443 (SSL) before logging into the Teaming portal.
Example:
Here's the example I used ... It needs to be placed at end of the web.xml file located in the following directory:
/opt/icecore/liferay-portal-tomcat-5.5-jdk5-4.3.0/conf/
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Context</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<!-- auth-constraint goes here if you requre authentication -->
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>By adding this section just after the </welcome-file-list> tag and right above the </web-app> end tag, the icecore app needed to restarted in order for the changes to take effect. Then once any user attempted to use the non-secure URL (http://) they automatically get redirected to the secure URL (https://) before entering their login credentials.
Environment:
Our current setup only consists of a single server running SLES 10 SP1 without Apache and eDirectory. Only the Liferay/Tomcat web apps are installed and running.
Disclaimer: As with everything else at Cool Solutions, this content is definitely not supported by Novell (so don't even think of calling Support if you try something and it blows up).
It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test, test, test before you do anything drastic with it.
Related Articles
User Comments
- Be the first to comment! To leave a comment you need to Login or Register
- 16302 reads
0