开发者

SSL securing site on Google App Engine

开发者 https://www.devze.com 2023-01-22 14:17 出处:网络
How can I make sure that users cannot access http address on google appengine at all? Now usesrs开发者_JS百科 can use https or http to access site, but is there any way to force users using http proto

How can I make sure that users cannot access http address on google appengine at all? Now usesrs开发者_JS百科 can use https or http to access site, but is there any way to force users using http protocol to https url?


Ok now I found a way to do it, add following element to your web.xml, and your xml should have following xml definition:

<?xml version="1.0" encoding="utf-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="2.5">
    <security-constraint>
        <web-resource-collection>
            <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>

https://developers.google.com/appengine/docs/java/config/webxml#Secure_URLs

0

精彩评论

暂无评论...
验证码 换一张
取 消