最近项目中有个需求，把以前的restful接口采用https的形式访问，从网上查了一下资料，经过亲测之后实现了需求。

网上的资料整理之后如下，请阅。

1、按照上篇文章tomcat6.0配置https单向（服务器）加密方法配置服务器https访问。

2、两种方式配置rest接口https方式：

第一种：web.xml中增加

<security-constraint>
    <web-resource-collection>
        <web-resource-name>securedapp</web-resource-name>
        <url-pattern>/rest/*</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>

第二种：

1)web.xml中增加

<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/rest/*</url-pattern>
 </filter-mapping>

2)增加spring-security.xml

<beans:beans xmlns:beans="http://www.springframework.org/schema/beans"
xmlns="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">

<http auto-config="true">
<intercept-url pattern="/rest/**" requires-channel="https"/>
<port-mappings>
<port-mapping http="9090" https="9443"/>
</port-mappings>
</http>

<authentication-manager>
</authentication-manager>

</beans:beans>