在Spring Security或Tomcat中將HTTP重定向到HTTPS

Question

當前，我的Spring應用程序只接受HTTPS協議的請求。下面是現在的security-context.xml

<http auto-config="false" use-expressions="true" 
     disable-url-rewriting="true"> 
     <intercept-url pattern="/signup*" access="permitAll" 
      requires-channel="https" /> 
     <intercept-url pattern="/login*" access="permitAll" 
      requires-channel="https" /> 
     <intercept-url pattern="/logout" access="permitAll" 
      requires-channel="https" /> 
     <form-login authentication-success-handler-ref="myAuthenticationSuccessHandler" 
      login-page="/login" authentication-failure-url="/loginFailed" /> 
     <intercept-url pattern="/**" access="isFullyAuthenticated()" 
      requires-channel="https" /> 
     <session-management 
      session-authentication-error-url="/loginFailed"> 
      <concurrency-control error-if-maximum-exceeded="true" 
       max-sessions="2" /> 
     </session-management> 
     <logout invalidate-session="true" delete-cookies="JSESSIONID" /> 
    </http> 

的部分，我也想應用程序能夠HTTP請求GET重定向到HTTPS，當用戶訪問該域名e.g從http://mydomain.com到https://mydomain.com。我怎樣才能做到這一點？我應該將更改應用於security-context.xml，控制器還是Tomcat本身？

Answer 1

我配置從HTTP（端口80）重定向到HTTPS（端口443）內作爲server.xml

<Connector connectionTimeout="20000" port="80" protocol="HTTP/1.1" redirectPort="443"/>