"Sonny Sukumar" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > > >From: "Bill Barker" <[EMAIL PROTECTED]> > > > > > > > --I reconfigured the SSL port from 8443 to 443 on our server (as well as > >the > > > redirect port), and all of a sudden I can connect using SSL. I don't > > > understand why 8443 didn't work. Any ideas?? > > > > > > >There is a well-know bug in MSIE related to security-constraints, but that > >doesn't seem to apply here. > > Hmm, what's that bug? I'd like to know because I next plan to implement > some <security-constraint>s to prevent insecure access to certain pages and > sets of pages. >
If you are running SSL on a non-standard port (e.g. 8443), and the user attempts to access a page (via http) which is protected with both an auth-constraint and a transport-guarantee, MSIE will fumble around and end up issuing a request for 'http://host:8443/myapp/login.jsp' (which of course will fail). It doesn't happen if you are using the standard SSL port (i.e. 443), or with Tomcat 5. > _________________________________________________________________ > Frustrated with dial-up? Get high-speed for as low as $29.95/month > (depending on the local service providers in your area). > https://broadband.msn.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]