Jetty and http to https redirect

Thread view:

Forrest Samuels - 04 Dec 2004 22:30 GMT

I am working on an embedded web application using Jetty 4.2.10pre1.
The webapp has traditionally been run using just http on port 8082.
For the next release, we will be handling more sensitive passwords and
plan on using SSL/https instead. We are using the SunJsseListener for
our SSL support.

The problem we have is often users will still go to
http://127.0.0.1:8082 when they should go to https://127.0.0.1:8082.
Using http in IE causes an error and in Firefox it attempts to
download a file.

Is there a way to setup Jetty to recognize users are attempting to use
HTTP and redirect them to HTTPS?

It would be easier if we could use the standard port 443 but since
users may also be running a web server with SSL, we can't by default.
I am open to switching to a newer version of Jetty if need be.

Thanks for the help.

Reply to this Message

Steve Sobol - 05 Dec 2004 00:17 GMT

> Is there a way to setup Jetty to recognize users are attempting to use
> HTTP and redirect them to HTTPS?

You should be able to set up a standard security constraint that forces SSL,
although I don't know if it'll automatically redirect them.

Barring that, you could set up a servlet that redirects everyone going to http
on port 8082 to https on port 443.

Neither of these solutions are Jetty-specific, but they should both work fine.

Signature

JustThe.net Internet & New Media Services, http://JustThe.net/
Steven J. Sobol, Geek In Charge / 888.480.4NET (4638) / sjsobol@JustThe.net
PGP Key available from your friendly local key server (0xE3AE35ED)
Apple Valley, California Nothing scares me anymore. I have three kids.

Reply to this Message

Jetty and http to https redirect

Free Magazines