wood burning stoves 2.0*
The moose likes Tomcat and the fly likes Tomcat filters Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Tomcat filters" Watch "Tomcat filters" New topic
Author

Tomcat filters

Mark Hughes
Ranch Hand

Joined: Jul 14, 2006
Posts: 146
Hi Guys,

Ive been doing some research and i discovered that the following code put in a web.xml will force Tomcat to redirect to a https connection for certain wildcard matches, or in the below case all pages in the domain.
My question is though if only a few pages below were added to the filter such as login page and account page, https is invoked when those pages are requested, but then tomcat keeps a https connection from that point on.
Is it possible to also have filters that force tomcat to redirect to a non ssl port for some pages that do not need securing.

So based on the url pattern, Tomcat will redirect to https and then back to http?




Best
Mark Hughes
Mark Hughes
Ranch Hand

Joined: Jul 14, 2006
Posts: 146
Hey Guys,

Any takers on this?
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42282
    
  64
No, that's not possible. But you can do that explicitly in the HTML by using absolute URLs starting with "http:". If you use relative URLs (which do not contain the protocol to use), then it's going to keep using HTTPS.


Ping & DNS - my free Android networking tools app
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16145
    
  21

By the time a web request gets to the Tomcat filter, it's already passed through the network and been decrypted. So a filter can't help.

Don't make the common mistake of thinking that a web session is a continuous conversation that you can switch. The underlying HTTP(S) protocol is strictly atomic, and it's only by generous use of smoke and mirrors that we make webapps appear to have a connection from one press of the Submit button to the next.

Part of that "smoke and mirrors" is the URL that makes the next request. And as Ulf said, you can control the protocol, server, and port by shaping the URL(s) that the server for the previous request sends back in links, resource references and form submit targets.


Customer surveys are for companies who didn't pay proper attention to begin with.
Mark Hughes
Ranch Hand

Joined: Jul 14, 2006
Posts: 146
cool thanks guys, that makes sense.

Best
Mark Hughes
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Tomcat filters