Follow by Email

Tuesday, July 24, 2012

Enabling HTTPS In J2EE Web Applications

If you want to enable HTTPS configuration in your J2EE web application  then you should add the following lines in web.xml file under your WEB-INF folder.

<security-constraint>

            <display-name>MyWebApp</display-name>
           
            <web-resource-collection>
           
                        <web-resource-name>MyWebApp</web-resource-name>
                       
                        <description/>
                       
                        <url-pattern>/*</url-pattern>
                        <http-method>GET</http-method>
                        <http-method>POST</http-method>
            </web-resource-collection>
            <user-data-constraint>
                        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
            </user-data-constraint>
</security-constraint>

this will redirect any attempt to use your application on HTTP to HTTPS.

No comments:

Post a Comment