-
1. Re: Redirect to https / refuse non secure requests
jfuerth Nov 14, 2013 9:44 AM (in response to magick93)Hi Anton,
You can do this in an Errai app just as you would in any servlet app: set up a security constraint in your web.xml:
<security-constraint> <web-resource-collection> <web-resource-name>all</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>
Configuring your web server to support SSL and telling it which mechanism to use for redirecting from the insecure port to the secure port is app server specific. Check your server's reference guide for that info.
-Jonathan
-
2. Re: Redirect to https / refuse non secure requests
magick93 Nov 14, 2013 10:19 AM (in response to jfuerth)Thank you Jonathan.
That is very helpful.
-
3. Re: Redirect to https / refuse non secure requests
magick93 Nov 14, 2013 11:06 AM (in response to magick93)Configuring your web server to support SSL and telling it which mechanism to use for redirecting from the insecure port to the secure port is app server specific. Check your server's reference guide for that info.
We are using jboss as 7.2. Do you know how we do this for this wonderful app server?
-
4. Re: Redirect to https / refuse non secure requests
jfuerth Nov 14, 2013 11:57 AM (in response to magick93)Honestly I don't know that off the top of my head. But I would be shocked if it wasn't covered in the reference guide.
-Jonathan