您的位置: 首页  >  技术问答  >  在Apache Tomcat中执行从http到https的301重定向

在Apache Tomcat中执行从http到https的301重定向

分类: 技术问答 2022-05-19 10:16:50
问题描述:

我已经在Web应用程序中配置了SSL.我已按照所需步骤在Tomcat中安装了证书.

I have configured SSL in my web application. I have installed the certificate in my Tomcat as per the required steps.

我一直关注的教程是 https://www.mulesoft.com/tcat/tomcat-security

The tutorial that I have been following is https://www.mulesoft.com/tcat/tomcat-security

我已在HTTP上强制使用https,这意味着对http的任何请求都将转发到https.我在server.xml中进行了以下更改

I have enforced the use of https over http which means that any request to http will be forwarded to https. I made the following changes in my server.xml

<Connector port="8080" protocol="HTTP/1.1" 

           connectionTimeout="20000" 

           redirectPort="443"

           proxyHost="10.1.1.1" proxyPort="80"

           URIEncoding="UTF-8"

           maxHttpHeaderSize="32768"/>


<security-constraint>
    <web-resource-collection>
        <web-resource-name>SecureConnection</web-resource-name>
        <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>

但是,正在进行的重定向是临时重定向,即302. 我想使用301重定向,即永久重定向.

However, the redirect that is taking place is temporary re-direct ie 302. I want to use 301 re-direct ie., permanent redirect.

我该如何实现?

这是在您的Realm上配置的.请参见您特定Realm实现的transportGuaranteeRedirectStatus属性.

This is configured on your Realm. See the transportGuaranteeRedirectStatus attribute of your particular Realm implementation.

https://tomcat.apache.org/tomcat-8.5- doc/config/realm.html

例如:server.xml可以直接使用

Ex: server.xml has this out-of-the-box

  <Realm className="org.apache.catalina.realm.LockOutRealm">
    <!-- This Realm uses the UserDatabase configured in the global JNDI
         resources under the key "UserDatabase".  Any edits
         that are performed against this UserDatabase are immediately
         available for use by the Realm.  -->
    <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
           resourceName="UserDatabase"/>
  </Realm>

它未设置transportGuaranteeRedirectStatus,因此默认设置为302.如果要使用301,只需将属性transportGuaranteeRedirectStatus="301"添加到*领域(根据配置,您可能没有嵌套的领域).并重新启动Tomcat.

It does not set transportGuaranteeRedirectStatus so it defaults to 302. If you want to make it use a 301, just add the attribute transportGuaranteeRedirectStatus="301" to the top level Realm (you may not have nested Realms depending on your configuration) and restart Tomcat.

例如:

  <Realm className="org.apache.catalina.realm.LockOutRealm" transportGuaranteeRedirectStatus="301">
    <!-- This Realm uses the UserDatabase configured in the global JNDI
         resources under the key "UserDatabase".  Any edits
         that are performed against this UserDatabase are immediately
         available for use by the Realm.  -->
    <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
           resourceName="UserDatabase" />
  </Realm>

如果未在配置中定义Realm标签,则Tomcat将默认使用

If you do not have a Realm tag defined in your configuration, Tomcat will default to using a NullRealm. If you want to override the redirect in this situation, you'd just need to define a NullRealm under with the transportGuaranteeRedirectStatus property set on it.

希望有帮助!

相关推荐