HTTPS redirect
Mark McCoy
mark.mccoy at utsa.edu
Thu Jul 5 14:23:19 EDT 2007
Christian Haugen <christian.haugen at ...> writes:
> Hi again!
> My CAS server is finally up and running
> thanks to you guys J
>
> If I want to access my CAS login page I can do this both via http
> and https, but I want to be only https. Right now if
> I og to my logon page http://adress/cas/login
> I can log in, but if I want to use https://adress/cas/login
> I cant seem to find the page without specifying the port number.
>
> I have tried changing this in
> tomcat/conf/server.xml but he only way I found was a redirect that changed the
> redirection url. So that it took away my service variable. Is there an easy
> solution to this?
>
> If there is an easy way to make the http://adress/cas/login redirect to
> https//adress/cas/login and not ever specify port number I would be very much
> grateful.
>
> My regards,
>
> Christian Haugen
The easiest way is to use apache 2.2 with the built-in mod_ajp and have
it frontend tomcat. This way you have the flexibility of apache and you
can do things like put in redirects of all traffic from http -> https.
You can then also serve static content from the apache instance.
Or you can disable port 80 completely (either at the tomcat level or via
a firewall. This is usually the most secure, although that might not be
what the user expects.
More information about the cas
mailing list