Configure Tomcat to redirect all HTTP requests to HTTPS for Enforce UI
search cancel

Configure Tomcat to redirect all HTTP requests to HTTPS for Enforce UI

book

Article ID: 162130

calendar_today

Updated On:

Products

Data Loss Prevention Data Loss Prevention Enforce

Issue/Introduction

When a user enters the URL for the Enforce UI as a non-secure HTTP request (i.e.  http://localhost), an error page is displayed.

Unable to connect / This page can't be displayed.

Cause

The Enforce Console's tomcat webserver is configured to only accept HTTPS requests.  Any non-secure HTTP request will not be redirected.  By default the tomcat webserver is not configured to redirect HTTP requests to HTTPS.

Resolution

  1. Go to SymantecDLP\Protect\tomcat\conf directory
  2. Edit the file server.xml
  3. Add the following above the first <connector> entry:

    <!-- Define a non-SSL HTTP/1.1 Connector on port 80 -->  
    <Connector URIEncoding="UTF-8" port="80" acceptCount="100" enableLookups="false" maxThreads="150" redirectPort="443" />

  4. Save the server.xml file.
  5. Edit the web.xml file in the same directory
  6. Scroll to the bottom of the file and add the following just above the </web-app> entry:

    <!-- Force HTTPS, required for HTTP redirect! -->
    <security-constraint>
    <web-resource-collection>
    <web-resource-name>Protected Context</web-resource-name>
    <url-pattern>/*</url-pattern>
    </web-resource-collection>
     
    <!-- auth-constraint goes here if you require authentication -->
    <user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
    </security-constraint>

  7. Save the web.xml file
  8. Restart the Symantec DLP Manager service.

 

Powered by Wolken Software