newbie
Reputation: 24635
SSL securing site on Google App Engine
How can I make sure that users cannot access http address on google appengine at all? Now usesrs can use https or http to access site, but is there any way to force users using http protocol to https url?
Upvotes: 1
Views: 1340
Answers (1)
newbie
Reputation: 24635
Ok now I found a way to do it, add following element to your web.xml, and your xml should have following xml definition:
<?xml version="1.0" encoding="utf-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="2.5">
<security-constraint>
<web-resource-collection>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
https://developers.google.com/appengine/docs/java/config/webxml#Secure_URLs
Upvotes: 8
Related Questions
- SSL on appengine
- serving GAE applications over http
- Google App Engine and HTTPS Strategy
- Add HTTPS to a custom domain on Google App Engine (and keep HTTP working)
- Secure login on your domain with Google App Engine
- Change http to https
- Security on Google App Engine(Java) - Servlet SSL?
- appengine http secure?
- How to make an HTTPS call on App Engine
- Secure authentication without SSL using Google App Engine?