Versions Compared

Old Version 5

changes.mady.by.user Paweł Lizakowski

Saved on

compared with

New Version 6

changes.mady.by.user Paweł Lizakowski

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

No Format
<Connector port="443" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true" URIEncoding="UTF-8"
               clientAuth="false" sslProtocol="TLS" keystoreFile="/path/to/server.p12" keystoreType="PKCS12" keystorePass="haslo_podane_wyzej" />

 

Automatyczne przekierowanie żądań http na https

 

Aby dodać automatyczne przekierowanie żądań http na httpsnależy w pliku web.xml dodać sekcję <security-constraint>

Code Block
................
</jsp-config>
  <resource-ref>
    <description>PlusWorkflow Default Connection Resource</description>
    <res-ref-name>PlusWorkflowResource</res-ref-name>
    <res-type>javax.sql.DataSource</res-type>
    <res-auth>Container</res-auth>
  </resource-ref>
  
    <!-- Require HTTPS for everything except /img (favicon) and /css. -->
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>HTTPSOnly</web-resource-name>
            <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>HTTPSOrHTTP</web-resource-name>
            <url-pattern>*.ico</url-pattern>
            <url-pattern>/img/*</url-pattern>
            <url-pattern>/css/*</url-pattern>
			<url-pattern>/services/ReleaseService/*</url-pattern>
        </web-resource-collection>
        <user-data-constraint>
            <transport-guarantee>NONE</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
  
  <welcome-file-list>
    <welcome-file>default.do</welcome-file>
  </welcome-file-list>
.........................

 

 

 

</jsp-config>
  <resource-ref>
    <description>PlusWorkflow Default Connection Resource</description>
    <res-ref-name>PlusWorkflowResource</res-ref-name>
    <res-type>javax.sql.DataSource</res-type>
    <res-auth>Container</res-auth>
  </resource-ref>
  
    <!-- Require HTTPS for everything except /img (favicon) and /css. -->
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>HTTPSOnly</web-resource-name>
            <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>HTTPSOrHTTP</web-resource-name>
            <url-pattern>*.ico</url-pattern>
            <url-pattern>/img/*</url-pattern>
            <url-pattern>/css/*</url-pattern>
			<url-pattern>/services/ReleaseService/*</url-pattern>
        </web-resource-collection>
        <user-data-constraint>
            <transport-guarantee>NONE</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
  
  <welcome-file-list>
    <welcome-file>default.do</welcome-file>
  </welcome-file-list>