Redirect http requests to https with tomcat server and aws load balancer

Question

I have set up an ec2 instance with a java web application running on a tomcat server and an aws application load balancer which directs port 80 and 443 to port 8080 on the ec2 instance.

I have changed the server.xml configuration on tomcat to the following

<Connector port="8080" protocol="HTTP/1.1"
proxyPort="443"
proxyName="sub.mydomain.com"
scheme="https"
secure="true"
connectionTimeout="20000"
redirectPort="8443" />

Now I am able to connect go to "sub.mydomain.com" and "https ://sub.mydomain.com". But how do I redirect all "http ://sub.mydomain.com" requests to "https ://sub.mydomain.com"?

This will help you http://stackoverflow.com/questions/24603620/redirecting-ec2-elb-from-http-to-https — Shubham Bansal, May 22 '17 at 09:53
You don't want `redirectPort="8443"`. You want `redirectPort="443"` instead. If port `8080` is the secure port on your Tomcat node, then you don't need a `redirectPort` at all (since Tomcat will never use it). — Christopher Schultz, May 24 '17 at 15:57
@jzaa The example in the referenced page is correct, but it's a PHP example. In the Java world, you'll want to use something like [Tomcat's rewrite valve](http://tomcat.apache.org/tomcat-8.5-doc/rewrite.html) or [Tuckey's urlrewrite filter](http://tuckey.org/urlrewrite/). — Christopher Schultz, May 24 '17 at 15:58
ChristopherSchultz , @jzaa , thanks for your inputs. Here's how I managed to get it working. I redirected all 443 requests from the elb to port 8080 on the ec2 instance and all 80 requests on the elb to port 80. Inside the instance, I set up a nginx server which reroutes all requests with $http_x_forwarded_proto = '80' to https — Siddharth Das, May 25 '17 at 12:07

score 0 · Answer 1 · edited May 16 '19 at 10:57

0

Just add this in your web.xml

<security-constraint>
    <web-resource-collection>
        <web-resource-name>HTTPSOnly</web-resource-name>
        <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>

edited May 16 '19 at 10:57

Vega

27,856
27
95
103

answered May 16 '19 at 10:35

Bikash

1
1

Redirect http requests to https with tomcat server and aws load balancer

1 Answers1