现在很多网站都改为HTTPS,当给tomcat部署过HTTPS后,请求的话默认是HTTP的,这时就需要强行改变请求的协议了,因为之前没弄过相关的东西,不知解决方向,所以就写下来告诉和我一样刚接触的小白吧!
下面是我找到的两种方法,都已经使用过了,真实有效。。。。
1.在web.xml中设置一个全局过滤
<login-config>
<auth-method>CLIENT-CERT</auth-method>
<realm-name>Client Cert Users-only Area</realm-name>
</login-config>
<security-constraint>
<web-resource-collection>
<web-resource-name >SSL</web-resource-name>
<url-pattern>/*</url-pattern> //过滤设置所有资源
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
这个在网上很多都可以看到,就不多说了(PS:这个重定向好像是默认302,公司要求301,
对我来说直接淘汰,)
2.在代码中添加一个Filter,把不是http协议的改为https协议;
因为公司要做xxx.com转向www.xxx.com的301重定向,所以这里有两个Filter,(第一个大家可以忽略)。
因为没有自己定义的类,比较简单,我就不注释了,将就看吧。
public class WwwFilter implements Filter {
private String originUrl;
private String targetUrl;
public void init(FilterConfig filterConfig) throws ServletException {
this.originUrl =filterConfig.getInitParameter("originUrl");//来源url
this.targetUrl =filterConfig.getInitParameter("targetUrl");//目标url
}
public void destroy() {
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException {
String hostName =req.getServerName();
if (hostName.startsWith(originUrl)) {
HttpServletResponse response = (HttpServletResponse) resp;
HttpServletRequest httpRequest = (HttpServletRequest) req;
String queryString = (httpRequest.getQueryString() ==null ? "" : "?" +httpRequest.getQueryString());
response.setStatus(301);
String requestUrl =httpRequest.getRequestURL().toString();
requestUrl =requestUrl.replace(originUrl, targetUrl);
response.setHeader("Location",requestUrl + queryString);
response.setHeader("Connection","close");
} else {
chain.doFilter(req,resp);
}
}
}
public class HttpsFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException {
String scheme =req.getScheme();
URL newUrl = null;
if (scheme.equals("https")) {
chain.doFilter(req,resp);
} else {
HttpServletResponse response = (HttpServletResponse) resp;
HttpServletRequest httpRequest = (HttpServletRequest) req;
String queryString = (httpRequest.getQueryString() ==null ? "" : "?" +httpRequest.getQueryString());
response.setStatus(301);
String requestUrl =httpRequest.getRequestURL().toString();
URL reqUrl=new URL(requestUrl+queryString);
newUrl=new URL("https",reqUrl.getHost(),reqUrl.getPort(),reqUrl.getFile());
response.setHeader("Location",newUrl.toString());
response.setHeader("Connection","close");
}
}
@Override
public void destroy() {
}
}
<filter>
<filter-name>WwwFilter</filter-name>
<filter-class>com.hyj.zq.interceptor.WwwFilter</filter-class>
<init-param>
<param-name>originUrl</param-name>
<param-value>zqjrw.com</param-value>
</init-param>
<init-param>
<param-name>targetUrl</param-name>
<param-value>www.zqjrw.com</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>WwwFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>HttpsFilter</filter-name>
<filter-class>com.hyj.zq.interceptor.HttpsFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>HttpsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
这样就可以让不带www和不是http的请求变为https://www.xxx.com了。
其实这两个我感觉可以合到一起,但是公司需求再变了302,我把web.xml的httpsFilter注释掉还第一种就好了,防患于未然,真的不是我懒!!!