on 05-22-2015 9:00 AM
How can hybris 5.5.1 Telco Accelerator be configured to permanently run in https mode instead of switching between http and https?
You could also try changing it at tomcat level in web.xml.
<!-- Require HTTPS for everything except /img (favicon) and /css. -->
<security-constraint>
<web-resource-collection>
<web-resource-name>HTTPSOnly</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>HTTPSOrHTTP</web-resource-name>
<url-pattern>*.ico</url-pattern>
<url-pattern>/img/*</url-pattern>
<url-pattern>/css/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You have to edit the spring-security-config.xml and set requires-channel="https" for all endpoints. Be aware that there may occure some problems with live edit or orbeon forms if you change this. As I know live-edit only works with http connections and orbeon forms only works with https. Hence, you should test them.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
In spring-security-config.xml
<!-- SSL / AUTHENTICATED pages -->
<security:intercept-url pattern="/my-account*" access="ROLE_CUSTOMERGROUP" requires-channel="https" />
<security:intercept-url pattern="/my-account/**" access="ROLE_CUSTOMERGROUP" requires-channel="https" />
<!-- Force every page to SSL -->
<security:intercept-url pattern="/**" requires-channel="https" />
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
7 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.