The following articles will walk through how to configure Cascade CMS to run over SSL:

 Linux/*nix SSL configuration

 Windows SSL configuration

Once the SSL connector has been enabled per those instructions, users can still access the application through the default port 8080. There are 2 options for preventing this from occurring:

  1. Comment out the HTTP/1.1 Connector in tomcat/conf/server.xml  (thus leaving only the SSL/TLS Connector).
  2. Force Tomcat over SSL. To do this, edit the file tomcat/conf/web.xml Add a <security-constraint>  element just before the closing </web-app>  element. For example:
<!-- Force SSL for entire site -->
  <security-constraint>    
     <web-resource-collection>    
         <web-resource-name>Cascade CMS</web-resource-name>    
         <url-pattern>/*</url-pattern>    
     </web-resource-collection>    
     <user-data-constraint>    
         <transport-guarantee>CONFIDENTIAL</transport-guarantee>    
     </user-data-constraint>    
 </security-constraint>

More information on configuring SSL can be found at the Apache Tomcat web site.

Did this answer your question?