SSL: Secure Backend Login - Documentation topics on: https,login,security,ssl,.

SSL: Secure Backend Login

After a dotCMS instance is Configured to Run SSL, you may configure the dotCMS web.xml file (/dotserver/tomcat-X.x.xx/webapps/ROOT/WEB-INF/web.xml) to require SSL for all backend user logins.

Note: It is strongly recommended that all changes to the dotCMS configuration files be made via a Root Plugin.

To make this change, add all of the following <security-constraint> sections to the web.xml file:

<security-constraint>
   <web-resource-collection>
        <web-resource-name>Portal</web-resource-name>
        <description>Secure the login page</description>
        <url-pattern>/c/*</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>

<security-constraint>
   <web-resource-collection>
        <web-resource-name>Portal Admin Login</web-resource-name>
        <description>Secure the login page</description>
        <url-pattern>/admin</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>

<security-constraint>
   <web-resource-collection>
        <web-resource-name>Portal Edit</web-resource-name>
        <description>Secure the login page</description>
        <url-pattern>/edit</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>

<security-constraint>
   <web-resource-collection>
        <web-resource-name>Portal Login</web-resource-name>
        <description>Secure the login page</description>
        <url-pattern>/html/portal/login.jsp</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>