Thanks a lot for your response, the only one we have received so far.
Yes we are using frames, but we are referencing all the contents from the
secure server.
Can you be more specific in your explanation because I am not sure if I
follow what you are saying of how to resolve it.
Thanks Again
-----Original Message-----
From: Alex P Deller [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 15, 1999 3:36 PM
To: [EMAIL PROTECTED]
Subject: Re: HELP on SECURITY
We have about the same environment and cam across the same problem. I would
assume tht you are using frames and some of the content is from the unsecure
server and some is from the secure server?
To solve the problem we defined the URL's as absolute indirectly We had
each JSP reference a base.jsp which contained the references for the beans
and a utils.class file. In the utils.class file we define the full URL for
the HTTP and HTTPS box's. This way you can port everything to another box,
and only change one file!
>>> "Kathiresan, Vallikun" <[EMAIL PROTECTED]> 09/15 12:22 PM >>>
We are using Netscape Enterprise Server 3.5.1 w/JRUN for a JavaServlet
application. We have a digital certificate for our website. When the user
logs in, they are presented with a web page that contains a form
w/ACTION="/servlet/NewCaseReportHandler". When the form is submitted under
IE, we get the following security Alert: "the web page you are about to view
has non secure items. Do you wish to continue?"
We don't get the security alert if we set the ACTION to the entire path:
"https://www.ourhostname.com/servlet/NewCaseReportHandler.
But we don't want to specify the entire URL for portability reasons between
our test and development environments. IS THERE ANYWAY we can specify in the
ACTION that it is a secure protocol(https) but not the entire address. Is
there some webserver or JRUN setting that would help solve this issue.
ANY HELP GREATLY APPRECIATED.
THANKS
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
