Tomcat配置https、訪問http自動跳轉至https
1、配置Tomcat,打開$CATALINA_HOME/conf/server.xml,修改如下
將: <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" /> 改為: <Connector port="80" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="443" />
將: <!-- <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" /> --> 去掉注釋且修改參數==> <Connector port="443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="d:/dev/tomcat.keystore" keystorePass="123456" />
將: <!-- <Connector port="8009" enableLookups="false" protocol="AJP/1.3" redirectPort="8443" /> --> 改為: <Connector port="8009" enableLookups="false" protocol="AJP/1.3" redirectPort="443" />
二、局部https安全連接配置,打開web項目\WEB-INF\web.xml文件,在該文件</welcome-file-list>后面(一般在最后)加上這樣一段:
<!-- 局部https安全連接配置 --> <security-constraint> <display-name>Auth</display-name> <web-resource-collection> <web-resource-name>Protected Area</web-resource-name> <!-- <url-pattern>/index/json/login</url-pattern> <url-pattern>/admin/json/admin/companyLogin</url-pattern> <url-pattern>/admin/companyLogin</url-pattern> <url-pattern>/admin/agentLogin</url-pattern> --> <url-pattern>/user/*</url-pattern> <url-pattern>/main/index</url-pattern> </web-resource-collection> <user-data-constraint> <description>SSL required</description> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>
上述配置完成后,重啟TOMCAT后即可以使用SSL。IE地址欄中可以直接輸入地址不必輸入“http://” 或者 “https://” ;也可以輸入 “http:// ” 會跳轉成為 “https://” 來登錄