Redirect http to https in Java EE

Question

How to do a http redirect to https in Sun Application Server / Web Server?

score 6 · Answer 1 · edited Jan 07 '16 at 11:41

The servlet container should automatically redirect the user to the HTTPS listener if you set the transport-guarantee element to CONFIDENTIAL or INTEGRAL in your web.xml, like so:

<security-constraint>
    <web-resource-collection>
        <web-resource-name>All</web-resource-name>
        <url-pattern>*</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>

The url-pattern element contents should match the path you wish to secure. So, for example, if you want to secure everything under /admin, specify /admin/* as your url-pattern. This should exhibit the following behaviour:

http://www.example.org/admin/login

will redirect to

https://www.example.org/admin/login

For more information, check out the Servlet 2.5 specification (JSR 154).

The above does not work on Liberty if you have a JASPIC enabled site and the validateRequest checks if you are in SSL mode. — Archimedes Trajano, Aug 08 '15 at 19:22
Hi, I have used it this configuration and it worked. but the problem is its append port with URL like https://www. mydomain.com:8443 do you have idea how to remove this with achieving https..? — Raj Bhatia, May 25 '16 at 11:44

score -2 · Answer 2 · answered Feb 10 '09 at 08:40

-2

One possible approach might be to use mod_rewrite

I'm sure there's others.

answered Feb 10 '09 at 08:40

cagcowboy

30,012
11
69
93

Redirect http to https in Java EE

2 Answers2