开发者

HTTPS with Java Server Faces

问答 作者:

I'm trying to deploy my Java Server Faces app on tomcat. I want the app only to be accessible using HTTPS. I'm finding that when I move from page to page the application falls back to http. If I modify the url in the browser to use https then the page is displayed.

I'm clearly missing some configuration somewhere. Can anyone suggest where?开发者_如何学运维

2 things you can do:

Disable HTTP connector in server.xml.

Add this <security-constraint> to your web.xml:

<security-constraint>
  <web-resource-collection>
    <web-resource-name>Entire Web App</web-resource-name>
    <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
</security-constraint>

This will automatically redirect all HTTP requests to HTTPS.

继续阅读:jsftomcat

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9