The following articles will walk through how to configure Cascade CMS to run over SSL:
Once the SSL connector has been enabled per those instructions, users can still access the application through the default port 8080. There are 2 options for preventing this from occurring:
- Comment out the HTTP/1.1 Connector in
tomcat/conf/server.xml
(thus leaving only the SSL/TLS Connector). - Force Tomcat over SSL. To do this, edit the file
tomcat/conf/web.xml
Add a<security-constraint>
element just before the closing</web-app>
element. For example:
<!-- Force SSL for entire site -->
<security-constraint>
<web-resource-collection>
<web-resource-name>Cascade CMS</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
More information on configuring SSL can be found at the Apache Tomcat web site.