Transport security is terminated at the router

This rule flags ServletSecurity.TransportGuarantee.CONFIDENTIAL in the Java code and <transport-guarantee>CONFIDENTIAL</transport-guarantee> in the web.xml deployment descriptor.

To disable the transport guarantee in the Java code, change ServletSecurity.TransportGuarantee.CONFIDENTIAL to ServletSecurity.TransportGuarantee.NONE.

To disable the transport guarantee in the web.xml deployment descriptor, change <transport-guarantee>CONFIDENTIAL</transport-guarantee> to <transport-guarantee>NONE</transport-guarantee>.