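Instructions for enforcing HTTPS on the login page while falling back to HTTP for all other pages. Note that this protects only the login request itself: the session cookie issued at login is then sent over plain HTTP on every later request, so the session is not protected against eavesdropping on the network path.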

Once you have SSL working on Tomcat, use the urlrewrite plugin that is included by default with Confluence.
First, edit the filter-mapping entry in web.xml for urlrewrite from this:

<!-- Existing mapping: UrlRewriteFilter is applied only to requests under /s/ -->
<filter-mapping>
    <filter-name>UrlRewriteFilter</filter-name>
    <url-pattern>/s/*</url-pattern>
</filter-mapping>

to this:

<!-- Widened mapping: UrlRewriteFilter now sees every request, so the rules
     in urlrewrite.xml can match /login.action and all other paths. -->
<filter-mapping>
    <filter-name>UrlRewriteFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

The next step is to edit urlrewrite.xml to read like this, changing the hostname and port number in both redirect targets (localhost:8443 and localhost:8080 below) to suit your own installation:

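<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE urlrewrite PUBLIC "-//tuckey.org//DTD UrlRewrite 2.6//EN" "http://tuckey.org/res/dtds/urlrewrite2.6.dtd">
<!--
  URL rewrite rules: serve /login.action over HTTPS and send every other
  page back to plain HTTP.

  NOTE(review): the DTD system identifier above is a plain-HTTP URL; confirm
  that the filter resolves it from a bundled copy rather than fetching it.
-->
<urlrewrite>

    <!-- Static resources: for /s/.../_/PATH, call addCachingHeaders and
         forward internally to /PATH. The second group stops at the first
         "?", so a query string is not part of the forwarded path. -->
    <rule>
        <from>^/s/(.*)/_/([^\?]*).*</from>
        <run class="com.atlassian.plugin.servlet.ResourceDownloadUtils" method="addCachingHeaders" />
        <to type="forward">/$2</to>
    </rule>

    <!-- Login page requested over anything other than HTTPS: redirect to the
         HTTPS listener. The dot is escaped so that only the literal path
         /login.action matches, not e.g. /loginXaction. -->
    <rule>
        <from>^/login\.action</from>
        <condition type="scheme" operator="notequal">https</condition>
        <to type="redirect">https://localhost:8443/login.action</to>
    </rule>

    <!-- Any other HTTPS request (not the login page, not /s/ resources) is
         redirected back to the HTTP listener.

         Security caveat: after login the session cookie is sent over plain
         HTTP on every request, so only the login request is protected, not
         the session. If the session itself must be protected, do not apply
         this downgrade rule.

         NOTE(review): only /login.action and /s/ are exempt. If the login
         form in your Confluence version submits to a different path (for
         example /dologin.action), that request is matched here as well;
         confirm that credentials are submitted over HTTPS and that login
         still completes. -->
    <rule>
        <from>^/(.*)</from>
        <condition type="scheme" operator="equal">https</condition>
        <condition type="request-uri" operator="notequal">/login\.action.*</condition>
        <condition type="request-uri" operator="notequal">/s/.*</condition>
        <to type="redirect">http://localhost:8080/$1</to>
    </rule>

</urlrewrite>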