-3

similar to this question, but it got no reply. I was hoping for a step by step guide as to exactly what files I need to change and to what in my maven web-app project to ensure all connections to my webapp are via ssl. I found this on my searches, but it appears to be badly written, from 2006 and doesn't cover maven. Any help you could give would be appreciated.

Community
  • 1
  • 1
ElFik
  • 897
  • 2
  • 13
  • 31

2 Answers2

2

I would like to ask a question for clarification but my rep doesn't allow it yet - so I'll try my best to answer. Mostly I'm not clear if you want to use a Tomcat server or the embedded Tomcat instance provided by the Maven plugin.

First, my usual setup to redirect http to https is using an Apache Web Server with a mod_rewrite rule.

That being said, if I understand correctly what you are trying to accomplish, is that you want to use the Maven to dynamically configure your WEB-INF/web.xml or any other applicable context configuration for your app as part of the build to configure Tomcat to redirect http page requests to https. Here is an example of redirecting http requests to https in Tomcat

How I would approach this problem is to make sure Maven settings.xml is configured for your Tomcat instance. For example:

<settings>
    <servers>
        <server>
            <id>myserver</id>
            <username>admin</username>
            <password>admin</password>
         </server>
</servers>

If you want to use the embedded Tomcat server in the Maven-Tomcat plugin, you need to edit pom.xml to something like this:

<build>
<finalName>sw</finalName>
<plugins>
    <plugin>
        <groupId>org.codehaus.mojo</groupId>
        <artifactId>tomcat7-maven-plugin</artifactId>
        <version>2.0</version>
        <configuration>
                 <server>myserver</server>
                 <path>/sw</path>
        </configuration>
    </plugin>
</plugins>

Then, within the pom.xml's maven-tomcat-plugin settings, you can specify plugin parameters according to this spec, following the example configuration guide above. I would specify the parameters like <contextFile>, <httpsPort>, <keystoreFile>, <keystorePass>, <tomcatWebXml>, and <warSourceDirectory>

I'm afraid if you want to dynamically configure web.xml, context.xml, or server.xml for an existing Tomcat server (not the Maven embedded), you should NOT use Maven to do this. Instead, you should edit those files in advance and then configure the tomcat:deploy goal accordingly.

Brett Bonner
  • 425
  • 1
  • 4
  • 17
1

Your first link did indeed get answered; I don't see anything either badly written or obsolete about your second link; and Maven, which is a build technology, has nothing to do with what happens at runtime, which is determined by the application itself. This matter is all down to what you put in web.xml, as covered in that article.

user207421
  • 305,947
  • 44
  • 307
  • 483