Redirect all HTTP request to HTTPS for Enforce UI (Tomcat)
When a user enters the URL for the Enforce UI as a non-secure HTTP request (i.e. http://localhost), an error page is displayed.
Unable to connect / This page can't be displayed.
The Enforce Console's tomcat webserver is configured to only accept HTTPS requests. Any non-secure HTTP request will not be redirected. By default the tomcat webserver is not configured to redirect HTTP requests to HTTPS.
- on file server.xml folowing above the first <connector> entry :
-
<!-- Define a non-SSL HTTP/1.1 Connector on port 80 --> <Connector URIEncoding="UTF-8" port="80" acceptCount="100" enableLookups="false" maxThreads="150" redirectPort="443" />
- Save the server.xml
- Edit web.xml file
- Scroll to the bottom of the file and add the following just above the </web-app> entry:
<!-- Force HTTPS, required for HTTP redirect! --> <security-constraint> <web-resource-collection> <web-resource-name>Protected Context</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <!-- auth-constraint goes here if you require authentication --> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>
- Save the web.xml
- Restart service tomcat
Comments 0