Option 1
- Update web.xml configuration file and add the following content into the <web-app> section:
<security-constraint> <web-resource-collection> <web-resource-name>Protected Context</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <!-- auth-constraint goes here if you require authentication --> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>
- Update server.xml configuration file and add the following content into the <Host> section:
<Valve className="org.apache.catalina.valves.RemoteIpValve" remoteIpHeader="x-forwarded-for" protocolHeader="x-forwarded-proto" protocolHeaderHttpsValue="https" />
Option 2
- Make sure you have lib directory under WEB-INF
Upload the file urlrewritefilter-4.0.3.jar there. You can find the latest version at this page - Update web.xml configuration file and add the following content into the <web-app> section:
<filter> <filter-name>UrlRewriteFilter</filter-name> <filter-class>org.tuckey.web.filters.urlrewrite.UrlRewriteFilter</filter-class> </filter> <filter-mapping> <filter-name>UrlRewriteFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
- Create a file WEB-INF/urlrewrite.xml with the following contatnt:
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE urlrewrite PUBLIC "-//tuckey.org//DTD UrlRewrite 4.0//EN" "http://www.tuckey.org/res/dtds/urlrewrite4.0.dtd"> <urlrewrite> <rule> <name>Redirect to HTTPS</name> <condition operator="notequal" name="x-forwarded-proto">https</condition> <from>^.*$</from> <to last="true" type="permanent-redirect">https://%{server-name}%{request-uri}</to> </rule> </urlrewrite>
Finally, restart the Tomcat.
