I am configuring Tomcat to support both HTTP (on port 8080) and HTTPS (port 8443). In the server.xml, if I configure like this:
    <Connector port="8080" protocol="HTTP/1.1"
           connectionTimeout="20000"
           URIEncoding="UTF-8" 
           redirectPort="8443" />
    <Connector port="8443" protocol="HTTP/1.1" 
           SSLEnabled="true"
           scheme="https" 
           secure="true"
           Server=""
           keystoreFile="conf/.keystore"
           keystorePass="password"
           maxThreads="150"
           maxSpareThreads="75"
           minSpareThreads="25" 
           clientAuth="false" sslProtocol="TLS" 
           URIEncoding="UTF-8"
           />
All access to http://SERVER_IP:8080 will be directed to https://SERVER_IP:8443. How can I disable the redirection, and allow both http and https access?
I tried to remove redirectPort="8443", but it does not work.
With @pedrofb 's help, I figured out the solution: besides modifying server.xml file, edit web.xml file like:
<security-constraint>
    <web-resource-collection>
    <web-resource-name>Support Both HTTP and HTTPS
    </web-resource-name>
    <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
      <!-- <transport-guarantee>CONFIDENTIAL</transport-guarantee> -->
    </user-data-constraint>
</security-constraint>
Make sure <transport-guarantee>CONFIDENTIAL</transport-guarantee> is commented, or else it allows only HTTPS access.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With