sudhakars10
sudhakars10

Reputation: 1

Redirect all HTTP request to HTTPS request without code change

My web application runs in shared server(Websphere), Now my application runs for both the HTTP and HTTPS request . Usually when the application runs it shows like below https://localhost:9443/index.jsp. If the user try to change the https to http and submit the request, server accepts the request. I need to avoid the scenario and make the application to support only for https request on application level. Kindly anyone help me out.

Upvotes: 0

Views: 7058

Answers (3)

eakst7
eakst7

Reputation: 690

Verify that both global and application security are enabled in the WebSphere admin console.

Upvotes: 0

Kurtcebe Eroglu
Kurtcebe Eroglu

Reputation: 1954

An alternative for denying user non-https connection is to simply delete http transport chain; Go to Application servers > your server > Web container transport chains, select WCInboundDefault and click delete. Now you are left only with WCInboundDefaultSecure transport chain, which listens on SSL port.

Another alternative equally effective is to remove host alias for you non-https port at Virtual Hosts > default_host > Host Aliases- this feels like a less brutal configuration change :)

If you prefer redirection over restriction, I suggest you do it before you hit application server, for example at web server or load balancer. If you're using Apache HTTP server or IBM HTTP Server in front of WAS, you may manage the redirect with mod_rewrite.

Upvotes: 0

Ramesh PVK
Ramesh PVK

Reputation: 15456

<security-constraint>
<web-resource-collection>
    <web-resource-name>https</web-resource-name>
    <description>No Description</description>
    <url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
    <description>No Description</description>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>

Add the above user-data-constraint in your web.xml. Which will redirect all the http request to https.

Upvotes: 1

Related Questions