Tomcat配置https、访问http自动跳转至https
1、配置Tomcat,打开$CATALINA_HOME/conf/server.xml,修改如下
将: <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" /> 改为: <Connector port="80" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="443" />
将: <!-- <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" /> --> 去掉注释且修改参数==> <Connector port="443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="d:/dev/tomcat.keystore" keystorePass="123456" />
将: <!-- <Connector port="8009" enableLookups="false" protocol="AJP/1.3" redirectPort="8443" /> --> 改为: <Connector port="8009" enableLookups="false" protocol="AJP/1.3" redirectPort="443" />
二、局部https安全连接配置,打开web项目WEB-INFweb.xml文件,在该文件</welcome-file-list>后面(一般在最后)加上这样一段:
<!-- 局部https安全连接配置 --> <security-constraint> <display-name>Auth</display-name> <web-resource-collection> <web-resource-name>Protected Area</web-resource-name> <!-- <url-pattern>/index/json/login</url-pattern> <url-pattern>/admin/json/admin/companyLogin</url-pattern> <url-pattern>/admin/companyLogin</url-pattern> <url-pattern>/admin/agentLogin</url-pattern> --> <url-pattern>/user/*</url-pattern> <url-pattern>/main/index</url-pattern> </web-resource-collection> <user-data-constraint> <description>SSL required</description> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>
上述配置完成后,重启TOMCAT后即可以使用SSL。IE地址栏中可以直接输入地址不必输入“http://” 或者 “https://” ;也可以输入 “http:// ” 会跳转成为 “https://” 来登录