Hello, I have setup HTTPS with client authentification and everything runs smoothly.
In my webapplication I have pages, which should be accessed via HTTPS only. However, access to any other pages should be allowed via http. In terms of URLs the scenario can be described as follows: HTTPS://mydomainname.com:8443/secret_data/ # Access allowed HTTP://mydomainname.com/secret_data/ # Access forbidden HTTP://mydomainname.com/* # Access allowed People who access http://mydomainname.com/secret_data/ do not have to get redirected to "HTTPS://mydomainname.com:8443/secret_data/";. Access should just be denied. So to make a long story short: I want that access is denied to people who try to access pages below "mydomainname.com/secret_data/" via http . On the other hand acces to pages via HTTPS should be granted. I have no idea how I can set this up using only one webapplication - which is what I want. Note: I'm not using apache so I can't use any apache directives to restrict access to "/secret_data"! Toni View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3852299#3852299 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3852299 ------------------------------------------------------- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
