Peter Beentje Posted January 5, 2022 Share Posted January 5, 2022 We have a Spotfire server running 10.10 and would like to increase our security. Our server is currently available on both http and https. We followed the instructions at the Tibco KB:How to perform HTTP to HTTPS redirection in TIBCO Spotfire Server. This is successful and redirects our http://spotfireserver/ to https://spotfireserver/ However - it only redirects the root URL. So visitinghttp://spotfireserver/spotfire/login.htmltargetUrl=%2Fspotfire%2F#/ (the default landing page after loading) does NOT redirect tohttps://spotfireserver/spotfire/login.htmltargetUrl=%2Fspotfire%2F#/ How do we ensure that all visits to http://spotfireserver/* are redirected to port 443 We have tried the tomcat-based solution listed atRedirecting HTTP to HTTPS traffic on SF 7.5 | TIBCO Community(Sean Riley's second answer) but that gives the same result: the base URL is redirected to https and other URLs are not redirected. Link to comment Share on other sites More sharing options...
David Boot-Olazabal Posted January 21, 2022 Share Posted January 21, 2022 Hi pbeentje, Isn't it an option to only use https You then only need to comment out the http block in the server.xml. If you need both, I would advise to create a support ticket. Kind regards, David Boot-Olazabal Link to comment Share on other sites More sharing options...
Peter Beentje Posted January 26, 2022 Author Share Posted January 26, 2022 Answered with thanks to PerkinElmer: How do I enable TLS connections on the Spotfire server PerkinElmer In short, the original instruction was almost correct, but the RewriteRule was created for Tomcat 8 while Spotfire 10 uses Tomcat 9. Original suggestion for Tomcat 8: RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,NE,L] The corrected RewriteRule we needed was: RewriteRule ^/(.*) https://spotfireserver/$1 [R,L] this is barely different from the suggested string in the PerkinElmer article, only needing an added/ before the $1. the [NE] tomcat flag prevents the rewrite valve from applyingURI escaping rules; this is not relevant to our particular situation so could be left out without issues. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now