How can I make sure that users cannot access http address on google appengine at all? Now usesrs can use https or http to access site, but is there any way to force users using http protocol to https url?
+1
A:
Ok now I found a way to do it, add following element to your web.xml, and your xml should have following xml definition:
<?xml version="1.0" encoding="utf-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="2.5">
<security-constraint>
<web-resource-collection>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
http://code.google.com/intl/fi-FI/appengine/docs/java/config/webxml.html#Security_and_Authentication
newbie
2010-10-31 14:19:48
Please append this information to your Original Post and remove this one.
RobertPitt
2010-10-31 14:21:22
why? its correct answer and somebody might need to know it
newbie
2010-10-31 14:25:50