Tomcat documentation notes that the transport-guarantee entry in the tomcat configuration needs to be changed from NONE to CONFIDENTIAL for HTTP to HTTPS url redirection. For Spectrum's implementation, this means you need to change all 30 entries in the $SPECROOT/tomcat/webapps/spectrum/WEB-INF/web.xml.
1. Enable SSL and confirm that it works.
2. Make a backup copy of the $SPECROOT/tomcat/webapps/spectrum/WEB-INF/web.xml file
3. Edit the $SPECROOT/tomcat/webapps/spectrum/WEB-INF/web.xml file and find this section around lines 5592:
<security-constraint xmlns="">
<web-resource-collection>
<web-resource-name>SPECTRUM</web-resource-name>
<description>
This constraint controls access to common components of
SPECTRUM Web Operator including the splash screen, table
layout configuration, etc.
</description>
<url-pattern>/index.jsp</url-pattern>
<url-pattern>/webop.jsp</url-pattern>
<url-pattern>/common/do/changePassword</url-pattern>
<url-pattern>/common/do/ExportPreferences</url-pattern>
<url-pattern>/common/do/ImportPreferences</url-pattern>
<url-pattern>/common/do/logout</url-pattern>
<url-pattern>/common/do/PageRefresh</url-pattern>
<url-pattern>/common/do/PageSetup</url-pattern>
<url-pattern>/common/do/SearchPages</url-pattern>
<url-pattern>/common/do/TableConfigSet</url-pattern>
<url-pattern>/common/do/TableConfigure</url-pattern>
<url-pattern>/common/do/TableFilter</url-pattern>
<url-pattern>/common/do/TableLayout</url-pattern>
<url-pattern>/common/do/TablePagination</url-pattern>
<url-pattern>/common/do/TableSort</url-pattern>
<url-pattern>/common/do/SearchUpdate</url-pattern>
<url-pattern>/common/do/SearchAllDomains</url-pattern>
<url-pattern>/common/do/SearchDomain</url-pattern>
<url-pattern>/common/do/SearchModel</url-pattern>
<url-pattern>/common/do/SearchList</url-pattern>
<url-pattern>/common/do/SearchManFormSup</url-pattern>
<url-pattern>/common/do/UserDataSearch</url-pattern>
<url-pattern>/common/a/header.jsp</url-pattern>
<url-pattern>/common/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
<user-data-constraint>
<description>
To use SSL for the web resources listed above, configure the
application server for SSL and change the transport-guarantee
from NONE to CONFIDENTIAL.
See the application server documentation and the Servlet 2.3
specification for additional information.
</description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
Change the transport-guarantee from NONE to CONFIDENTIAL:
<transport-guarantee>NONE</transport-guarantee>
to
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
4. Save the web.xml
5. Stop and restart tomcat
All users that attempt to access the standard HTTP url for OneClick will now be redirected to the HTTPS url for OneClick.