On 14/10/2011 21:09, Janet Preston wrote:
I have a web site with a login page that has to be accessed using SSL so
that the password is not sent as clear text.
That's good.
The rest of the site is non-SSL.
Oh. Why not?
p
signature.asc
Description: OpenPGP digital signature
Hi,
I have a web site with a login page that has to be accessed using SSL so
that the password is not sent as clear text. The rest of the site is
non-SSL. My configuration worked with this combination: Tomcat 5.5.27;
Apache 2.0.58; JAVA 1.5.0_13 and, mod_jk (I'm not sure what version of
On 14/10/2011 21:09, Janet Preston wrote:
Hi,
I have a web site with a login page that has to be accessed using SSL so
that the password is not sent as clear text. The rest of the site is
non-SSL.
So the password is worth protecting but the session ID is not? The
session ID is as good as