2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property. All rights
7 * ================================================================================
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 * ============LICENSE_END============================================
20 * ===================================================================
21 * ECOMP is a trademark and service mark of AT&T Intellectual Property.
24 package org.onap.clamp.clds;
26 import org.apache.catalina.Context;
27 import org.apache.tomcat.util.descriptor.web.SecurityCollection;
28 import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
29 import org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory;
32 * This class is a factory that redirects by default all HTTP to HTTPS
33 * connector. It is used by the Application.java class and defined in a Spring
36 * In order to do this, the method postProcessContext has been overridden to
37 * provide another behavior.
40 public class TomcatEmbeddedServletContainerFactoryRedirection extends TomcatEmbeddedServletContainerFactory {
43 * This method is there to force the automatic redirection of all calls done
44 * on the tomcat server to a Secure connection.
47 protected void postProcessContext(Context context) {
48 SecurityConstraint securityConstraint = new SecurityConstraint();
49 securityConstraint.setUserConstraint("CONFIDENTIAL");
50 SecurityCollection collection = new SecurityCollection();
51 collection.addPattern("/*");
52 securityConstraint.addCollection(collection);
53 context.addConstraint(securityConstraint);