Novell Cool Solutions

Redirect Incoming HTTP Requests to HTTPS Before Logging into Novell Teaming



By:

January 11, 2008 12:42 pm

Reads:18,750

Comments:0

Score:Unrated

Print/PDF

Problem:

Needed to find a solution to use the Liferay/Tomcat web application server to redirect all incoming HTTP requests to HTTPS for secure login username and password.

Solution:

Found a WIKI on Jakarta/Tomcat describing a similar situation which went into detail how to add a “security constraint” section to the Tomcat web.xml file. Even with Tomcat configured to listen on both port 80 and 443, with this particular section of code, all inbound requests to our Teaming portal on port 80 were automatically redirected to port 443 (SSL) before logging into the Teaming portal.

Example:

Here’s the example I used … It needs to be placed at end of the web.xml file located in the following directory:
/opt/icecore/liferay-portal-tomcat-5.5-jdk5-4.3.0/conf/

<security-constraint>
     <web-resource-collection>
        <web-resource-name>Protected Context</web-resource-name>
          <url-pattern>/*</url-pattern>
      </web-resource-collection>
      <!-- auth-constraint goes here if you requre authentication -->
      <user-data-constraint>
         <transport-guarantee>CONFIDENTIAL</transport-guarantee>
      </user-data-constraint>
</security-constraint>

By adding this section just after the </welcome-file-list> tag and right above the </web-app> end tag, the icecore app needed to restarted in order for the changes to take effect. Then once any user attempted to use the non-secure URL (http://) they automatically get redirected to the secure URL (https://) before entering their login credentials.

Environment:

Our current setup only consists of a single server running SLES 10 SP1 without Apache and eDirectory. Only the Liferay/Tomcat web apps are installed and running.

0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this post.
Loading...Loading...

Categories: Uncategorized

0

Disclaimer: This content is not supported by Novell. It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test it thoroughly before using it in a production environment.

Comment

RSS