1

I understand that URL patterns can be used to have some handled under HTTP and others under HTTPS.

Let's imagine a web application with two servlets, each accessed with different URL patters (for example .../myapp/servlet1 and .../myapp/servlet2), how can I have to first one handled by HTTP and the second with HTTPS?

Can you provide a configuration example?

Thanks!

Jérôme Verstrynge
  • 4,787
  • 7
  • 24
  • 35

2 Answers2

2

The main idea here is that you want to specify which pages are using SSL

Using SSL in Tomcat requires 3 main step:

  1. You first need to create a SSL certificate. For instance you can use the tool provided with the JDK: keytool. For instance: keytool -genkey -alias tomcat -keyalg RSA -keystore keystore.ssl. You will be asked for a password, and once you filled all information needed, press RETURN to use the same password. Move the file created under CATALINA_HOME.
  2. You then need to enable the SSL connector in tomcat. To do so, in conf/server.xml, for instance: http://fpaste.org/w3yu/ (SECTION 1)
  3. You need to specify in your application which URL require the usage of SSL. As an example, let's take the manager application. In WEB-INF/web.xml just before </security-constraint>, add the following: Same link as above but see SECTION 2.

I know this is very brief but that should give you a lead of what to do :)

Laurent T
  • 136
  • 1
0

I suggest that you set up Apache as a reverse proxy and let it handle the front end. You can configure two virtual hosts (one for http and one for https) which connect to the respective Tomcat backend servlets.

You can look at this question for config examples. You want to do almost exactly the same thing.

Community
  • 1
bahamat
  • 6,263
  • 24
  • 28