We have a Tomcat-based server where both port 80 and port 443 are valid and working correctly. We recently added a valve to redirect all requests from port 80 to port 443, with the following rewrite.config:
RewriteCond %{SERVER_PORT} =80
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,NE,L]
After rebooting, our base http://server.url is redirected correctly to https://server.url. So we know tomcat is recognising the changes to context.xml and the rewrite.config file.
However, the redirect does not work if there is a path in the URL: for example anyone with http://server.url/login.html bookmarked is not redirected to https. There is no loss of existing functionality (they are able to log in), they are simply not being transferred to port 443.
Which valve rule (pattern) is needed to ensure redirection for all URLs?
The RewriteRule was formatted for Tomcat 8 and was not suitable for Tomcat 9. The equivalent rule that properly redirects all URLs in Tomcat 9 is:
RewriteRule ^/?(.*) https://server.url/$1 [R,NE,L]
Replacing server.url with the server's hostname.