My requirement comes from the following scenario:
I have a load balancer that passes traffic down to this tomcat server. The load balancer handles redirection but it is also possible to access the tomcat server itself. The load balancer passes the traffic over port 80. If Tomcat redirects all traffic, the load balancer will redirect too many times. To workaround this, I want to implement redirection in Tomcat but for a specific domain name only, i.e. user accesses the Tomcat server directly. If the user accesses via the load balancer, then Tomcat would not fire redirection. That would solve this issue.
Redirecting from port 80 (http) to port 443 (https) on Apache Tomcat 9 is fairly straight forward: https://stackoverflow.com/a/33274112/3621633
Create the connector for port 80 and port 443. Set the redirect to port 443 from 80. And then add the security constraint in web.xml to enforce redirection from http to https.
However, I have an additional requirement which is only redirect for a specific domain. The url-pattern does not read the domain name from what I recall. What are my alternative options to redirect http to https for a specific domain?
You will have to install a redirecting valve or filter into your applications in order to achieve this.
One way to do it would be to use the rewrite valve using
HTTP_HOSTas your condition variable.Note that you may have to install this
<Valve>into each of your applications because Tomcat may direct any request to any application. Remember, if your application is hosted on/myapp, it's possible for a client to make a request to/something-elseand if you want that redirected, you will have to ensure that you have aROOTapplication deployed and configured with the same redirect.