Bhanu, That is what the user-data-constraint/transport-garentee elements of the web.xml are for. Set your first page to require CONFIDENTIAL user-data-constraint, and all others NONE. Then (not 100% on this) make sure not to request https:// in a link. I think once you request a secured transport, you have to explicitly request non-secured to get out. See if that helps, and let us know.
cgriffith View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3950835#3950835 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3950835 _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
