Re: A question about excluding URL patterns from filters
I think I was doing a mistake in the url-pattern. giving the correct URL pattern did the trick. Thanks for the tip on transport-guarantee Chuck. Thanks, Anand On Fri, Feb 6, 2009 at 12:11 PM, Anand HS wrote: > Hi, Thanks for the info about the transport-guarantee. > I did try to use it. Here is the config to exclude xsl files and allow all > others through to HTTPS. > > > > Notify page, accessed internally by > application > *.xsl > > > NONE > > > > > > > Entire Site > /* > > > CONFIDENTIAL > > > > I would expect with this configuration that when i try to load any xsl > through http on my browser, no redirection to https happens. But it doesnt > seem to be happening. Is my configuraiton missing something. ? > > BTW, i use tomcat 6.0.18. > > Thanks, > Anand > > > On Fri, Feb 6, 2009 at 11:31 AM, Caldarale, Charles R < > chuck.caldar...@unisys.com> wrote: > >> > From: Anand HS [mailto:anan...@gmail.com] >> > Subject: A question about excluding URL patterns from filters >> > >> > I have a filter that takes all requests that try to hit http and >> > redirects them through https. >> >> Why are you using a filter? Why not the mechanism >> defined in the servlet spec? >> >> - Chuck >> >> >> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY >> MATERIAL and is thus for use only by the intended recipient. If you received >> this in error, please contact the sender and delete the e-mail and its >> attachments from all computers. >> >> - >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> >> >
Re: A question about excluding URL patterns from filters
Hi, Thanks for the info about the transport-guarantee. I did try to use it. Here is the config to exclude xsl files and allow all others through to HTTPS. Notify page, accessed internally by application *.xsl NONE Entire Site /* CONFIDENTIAL I would expect with this configuration that when i try to load any xsl through http on my browser, no redirection to https happens. But it doesnt seem to be happening. Is my configuraiton missing something. ? BTW, i use tomcat 6.0.18. Thanks, Anand On Fri, Feb 6, 2009 at 11:31 AM, Caldarale, Charles R < chuck.caldar...@unisys.com> wrote: > > From: Anand HS [mailto:anan...@gmail.com] > > Subject: A question about excluding URL patterns from filters > > > > I have a filter that takes all requests that try to hit http and > > redirects them through https. > > Why are you using a filter? Why not the mechanism > defined in the servlet spec? > > - Chuck > > > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY > MATERIAL and is thus for use only by the intended recipient. If you received > this in error, please contact the sender and delete the e-mail and its > attachments from all computers. > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
RE: A question about excluding URL patterns from filters
> From: Anand HS [mailto:anan...@gmail.com] > Subject: A question about excluding URL patterns from filters > > I have a filter that takes all requests that try to hit http and > redirects them through https. Why are you using a filter? Why not the mechanism defined in the servlet spec? - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: A question about excluding URL patterns from filters
On Feb 6, 2009, at 12:24 AM, Anand HS wrote: However, I believe there must be a more 'elegant' way to exclude a url pattern through configuration than adding/modifying more code. :) Could you shed more ideas on this. ? Move it? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
A question about excluding URL patterns from filters
Hi, I have a filter that takes all requests that try to hit http and redirects them through https. Here is the web.xml configuration for that. - SecuredChannelFilter com.psi.servlet.filter.SecuredChannelFilter SecuredChannelFilter * Now, I have a requirement to exclude only *.xsl from this filter. What would be the best way to make this exclusion. ? Currently, I can think of 2 ways - 1. Change the filter code to check the url pattern and exclude only url patterns that request for xsl resources. 2. Create another filter that does nothing but forward the request and the url pattern for that filter would be only *.xsl. I need to however, make sure this filter does not call the SecuredChannelFilter However, I believe there must be a more 'elegant' way to exclude a url pattern through configuration than adding/modifying more code. :) Could you shed more ideas on this. ? Thanks, Anand