Tomcat HTTP to HTTPS redirect does not change port

Mattias Johansson

5/25/23, 7:32 AM

I have problems getting HTTP to HTTPS redirect to work in my Tomcat.

in Server.xml I have the connectors

     <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443" />

     <Connector port="8443" maxHttpHeaderSize="8192" maxThreads="100"
           minSpareThreads="25" maxSpareThreads="75"
           enableLookups="false" disableUploadTimeout="true"
           acceptCount="100" scheme="https" secure="true"
           SSLEnabled="true" clientAuth="false"
           sslProtocol="TLS" keyAlias="some_alias"
           keystoreFile="secret-keystore-files"
           keystorePass="Supersafepassword" />

and in web.xml


    <security-constraint>
        <web-resource-collection>
            <web-resource-name>HTTPSOnly</web-resource-name>
            <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>

HTTPS works fine with no certificate issues, but when I access http://server:8080 I get redirected to https://server:8080 (same port) and not 8443 as expected.

141

0 + 0

https

tomcat9

Score:1

Server

Ben

5/26/23, 10:11 AM

As already answered:

The problem was due to caching the redirect location in the browser. (Some browsers may handle redirect caching differently)

Make sure not to use the HTTP 301 redirect if you often change the location...

More Information: https://stackoverflow.com/questions/9130422/how-long-do-browsers-cache-http-301s

0 + 0

Mattias Johansson

5/28/23, 7:19 AM

Thank you for the answer. Is there any way around this, otherwise I would have to make all users clear their browser cache. I will only make this change once, I hope....

Ben

5/28/23, 3:25 PM

You might temporarily add another/additional redirect or something like that. So it could be chain of redirects or you "inject" a dialog for the user to clear their cache. Something like that comes to my mind by solving this issue. Actually the answer is in the link above. Look for: "If you previously issued a 301 redirect but want to un-do that"

Score:0

Server

Mattias Johansson

5/26/23, 9:38 AM

Seems there was something left in my Chrome browser. It works in Edge and an incognito Chrome browser

0 + 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Tomcat HTTP to HTTPS redirect does not change port

TH: การเปลี่ยนเส้นทาง Tomcat HTTP เป็น HTTPS จะไม่เปลี่ยนพอร์ต

RO: Redirecționarea Tomcat HTTP către HTTPS nu schimbă portul

RU: Перенаправление Tomcat с HTTP на HTTPS не меняет порт

VI: Chuyển hướng Tomcat HTTP sang HTTPS không thay đổi cổng

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.