Hello all gurus,
Could somebody explain me how to force Tomcat 4.1 using SSL for strictly only for
login page?
Thanks,
Pranas
Possibly the best way described in :
http://java.sun.com/webservices/docs/1.1/tutorial/doc/WebAppSecurity4.html
Regards
- Original Message -
From: Pranas [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Sent: Monday, December 29, 2003 5:17 PM
Subject: Login page only via SSL
Adding this to your web.xml should work:
security-constraint
web-resource-collection
web-resource-nameSSL/web-resource-name
url-pattern/login.jsp/url-pattern
/web-resource-collection
user-data-constraint
transport-guaranteeCONFIDENTIAL/transport-guarantee
/user-data-constraint