> setSecure() just changes the protocol in PortalURL from http to https... > simple enough. :)
I think that the tricky part is that the default Pluto driver generates relative URLs, so the protocol is not specified. I guess the solution could be to subclass PortletURLProviderImpl implementation so that isSecureSupported() returns true, add a flag for whether or not the generated URL should be secure, and then map the PortalDriverServlet to an alternate URL mapping (i.e., map it to /pluto/sportal or something like that). You can then put a transport guarantee on /pluto/sportal/* in in the deployment descriptor. I'll create a JIRA issue for this and see if I can put together a patch before the 1.1.5 release, but honestly I'm not sure if I can fit it in before then. Does anyone see any problems with the implementation described above? -- Ben
