Confluence 3.0 has reached end of life
Check out the [latest version] of the documentation
Instructions for enforcing the use of HTTPS for the login page, but falling back to HTTP for all other pages:
Once you have SSL working on tomcat, you need to make use of the urlrewrite plugin that's included by default with Confluence.
First, edit the filter-mapping
entry in web.xml
for urlrewrite from this:
<filter-mapping> <filter-name>UrlRewriteFilter</filter-name> <url-pattern>/s/*</url-pattern> </filter-mapping>
to this:
<filter-mapping> <filter-name>UrlRewriteFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
The next step is to edit urlrewrite.xml
to read like this, changing the hostname and port number to suit your own installation:
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE urlrewrite PUBLIC "-//tuckey.org//DTD UrlRewrite 2.6//EN" "http://tuckey.org/res/dtds/urlrewrite2.6.dtd"> <urlrewrite> <!-- For image references in CSS files --> <rule> <from>^/s/(.*)/_/([^\?]*).*</from> <run class="com.atlassian.plugin.servlet.ResourceDownloadUtils" method="addPublicCachingHeaders" /> <to type="forward">/$2</to> </rule> <rule> <from>^/login.action</from> <condition type="scheme" operator="notequal">https</condition> <to type="redirect">https://localhost:8443/login.action</to> </rule> <rule> <from>^/dologin.action</from> <condition type="scheme" operator="notequal">https</condition> <to type="redirect">https://localhost:8443/dologin.action</to> </rule> <rule> <from>^/(.*)</from> <condition type="scheme" operator="equal">https</condition> <condition type="request-uri" operator="notequal">/login.action.*</condition> <condition type="request-uri" operator="notequal">/dologin.action.*</condition> <condition type="request-uri" operator="notequal">/s/.*</condition> <to type="redirect">http://localhost:8080/$1</to> </rule> </urlrewrite>
Overview
Content Tools
Apps