Force Tomcat to redirect all HTTP traffic to HTTPS.

web.xml

<!--
To force Tomcat to redirect and revert all requested HTTP traffic over to HTTPS, configure the `conf/web.xml` file with the below block. 
This should be placed at the very end of the file near and above the ending `</webapp>` tag:
-->
    <security-constraint>
        <web-resource-collection>
        <web-resource-name>Automatic Forward to HTTPS/SSL
        </web-resource-name>
        <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <user-data-constraint>
           <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>

Some applications don't work correctly with that security-constraint, so I followed a completely different approach:

* Edit `conf/server.xml` and add the following element into `<Host name="localhost" ...>`:

<Valve className="org.apache.catalina.valves.rewrite.RewriteValve" />

* Create the file `conf/Catalina/localhost/rewrite.config`:

RewriteCond %{HTTPS} =off
RewriteRule ^(.*) https://%{HTTP_HOST}:443$1 [R=301]

Hi! I am using the rewrite valve but can't get it to work. It loads and rules is applied (at least in the logs it shows as applied), but when I run IP:PORT in my browser it does not replace anything. Any ideas? I have been researching the whole internet searching for overwritting http pattern but I only see your method.

I think it may have something to do with the server.xml config, I am not using the localhost interface to run tomcat, how can I check that the Rewrite valve is being applied to all hosts? Im using a vm running on a remote server.
Thanks in advance :)

Thanks, that's great, problem solved

Thank you very much. it solved my problem that i have been looking for weeks :D