Use always https in web.xml not working

647 Views Asked by Aliuk At 04 April 2025 at 01:06

I am trying to use always https in my website. I have the following in my web.xml file:

<security-constraint>
    <display-name>All access - GET and POST over SSL</display-name>
    <web-resource-collection>
        <web-resource-name>Common area - GET and POST</web-resource-name>
        <url-pattern>/*</url-pattern>
        <http-method-omission>GET</http-method-omission>
        <http-method-omission>POST</http-method-omission>
    </web-resource-collection>
    <user-data-constraint>
        <description/>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>

However it doesn't work. Any idea of what I need to do?

Original Q&A

There are 1 best solutions below

Cédric Couralet On 30 April 2016 at 15:54 BEST ANSWER

You are explicitly allowing the GET and POST method to access your website in http with <http-method-omission> tag.

I think you meant :

    <http-method>GET</http-method>
    <http-method>POST</http-method>

But it would be better to just omit any declaration of HTTP method, as you surely want to force https for all of them.

Use always https in web.xml not working

There are 1 best solutions below

Related Questions in JAKARTA-EE

Related Questions in SSL

Related Questions in HTTPS

Related Questions in WEB.XML

Related Questions in DEPLOYMENT-DESCRIPTOR

Trending Questions

Popular # Hahtags

Popular Questions