Reputation: 347
Get HTTP or HTTPS from Current URL
I simply want to get whether the current URL is under HTTP or HTTPS. The issue is we have a number of self-signed certificates in our testing environments so validating the cert probabluy isn't an option. I've tried the following, but thry don't appear to work in all cases.
String protocol = request.getProtocol();
out.println(protocol); // prints out HTTP/1.1 on self signed servers
Boolean secure = ((HttpServletRequest)pageContext.getRequest()).isSecure();
if (secure) {
out.println("secure")
} else {
out.println("not secure") // always fails
}
I suppose I could use getRequest and search the string for "https" - but I'm assuming there's a truly supported way of doing this.
Upvotes: 3
Views: 9000
Answers (1)
Reputation: 2744
It does not matter if self-signed or official certs are used. If SSL/TLS is NOT terminated at the deployment container 'isSecure()' will return 'false' by default. However some deployment containers like Tomcat can be configured to return 'true' for 'isSecure()' call even if SSL/TLS is NOT terminated at the deployment container. E.g. this is helpful if SSL is terminated at a (hardware-)loadbalancer and 'sendRedirect()' is used with relative URL.
Upvotes: 2
Related Questions
- Check if URL is HTTPS or HTTP protocol?
- Get full URL and query string in Servlet for both HTTP and HTTPS requests
- Java HttpServletRequest get URL in browsers URL bar
- How to identify if domain is http or https?
- Get requested URL in jsp
- Get HTTPS content in HTTP
- http or https from url
- Java how to find out if a URL is http or https?
- How to check if url exists over https in java
- How can I determine if a user has come from an https domian?