Ssl – Redirecting from http to https in Glassfish 3

glassfishredirectssl

How do you redirect port 80 -> 443 in Glassfish 3? My scenario is a web application SSL, and I want non-SSL requests to be automatically redirected.

Best Answer

You should look at this blog post on port unification in Glassfish 3. I believe it answers your question for you:

Granted, this solution offers a 302 redirect from only the protocol (e.g. http://blah:8000 to https://blah:8000) as opposed to a direct that changes the protocol and port, but is nifty nonetheless.

Related Solutions

Tomcat – How to redirect Apache to different ports on a GlassFish server

Instead of using ajp, I would recommend using mod_proxy. I have done that myself with great success. The way I have my stuff set up, I just configure a virtual domain to point to a directory, and create a .htaccess file as such:

ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/

Of course, alter to match your HTTP ports. In tomcat (which I use), I also edit in server.xml under conf. For the Connector on port 8080, I set the proxyName to match the virtual host, and the proxyPort to 80.

I should add a note that I am using dynamic virtual hosts for my configuration, my sites configuration (I am using debian) under /etc/apache2/sites-available looks as such:

<VirtualHost IP>
Servername yourdomain.com
ServerAlias *.yourdomain.com

UseCanonicalName Off

LogFormat "%V %h %l %u %t \"%r\" %s %b" vcommon

CustomLog /var/www/yourdomain.com/logs/custom.log vcommon
ErrorLog /var/www/yourdomain.com/logs/error.log
TransferLog /var/www/yourdomain.com/logs/access.log

RewriteLog/var/www/yourdomain.com/logs/rewrite.log
RewriteLogLevel 2

VirtualDocumentRoot /var/www/yourdomain.com/sites/%1/html
VirtualScriptAlias /var/www/yourdomain.com/sites/%1/cgi-bin

LogLevel debug

<Directory /var/www/yourdomain.com/sites/>
  AllowOverride All
</Directory>

</VirtualHost>

This means that stackoverflow.yourdomain.com will go to /var/www/yourdomain.com/sites/stackoverflow/html

I know you didn't ask for the last part, I just provided it to give a full overview off my setup, and how it fits into the .htaccess file with ProxyPass and ProxyPassReverse

NGINX Redirect – How to Rewrite All HTTP Requests to HTTPS While Maintaining Sub-Domain

Correct way in new versions of nginx

Turn out my first answer to this question was correct at certain time, but it turned into another pitfall - to stay up to date please check Taxing rewrite pitfalls

I have been corrected by many SE users, so the credit goes to them, but more importantly, here is the correct code:

server {
       listen         80;
       server_name    my.domain.com;
       return         301 https://$server_name$request_uri;
}

server {
       listen         443 ssl;
       server_name    my.domain.com;
       # add Strict-Transport-Security to prevent man in the middle attacks
       add_header Strict-Transport-Security "max-age=31536000" always; 

       [....]
}

Best Answer

Related Solutions

Tomcat – How to redirect Apache to different ports on a GlassFish server

NGINX Redirect – How to Rewrite All HTTP Requests to HTTPS While Maintaining Sub-Domain

Correct way in new versions of nginx

Related Topic