Max, Greg:
I successfully tried your given solution. The posted parameters are no longer seen in the location field. Steve -----Original Message----- From: Max Cooper [mailto:[EMAIL PROTECTED]] Sent: Friday, February 15, 2002 4:16 PM To: Struts Users Mailing List Subject: Re: Bug with SSL Greg, Please try setting the redirect attribute of your success action forward to true in the struts-config.xml file, like so: <forward name="success" path="/mainPage.do" redirect="true" /> I'm going to try out this scenario and report back with any additional tips that I can think of. -Max ----- Original Message ----- From: "Greg Hess" <[EMAIL PROTECTED]> To: "Struts Mail List" <[EMAIL PROTECTED]> Sent: Friday, February 15, 2002 11:34 AM Subject: Bug with SSL > Hi All, > > I am using the classes provide by http://struts.ditlinger.com/ to allow for > switching between Http and Https calls in my Struts application. I have > installed SSL and is working fine under a test certificate. I am using the > the extended <ssl:form> > , <ssl:linktags> and the secure property in my Action definitions. I would > like my main logonForm to be submitted using SSL and after the username and > password are received on the server using SSL to switch back to http. What > happens is that the secure data posted by logon.jsp is visible in the > location > http://localhost/emailssl-struts/mainPage.do?password=hess&submit=Submit&use > rname=ghess. I have tried having the LogonAction setRedirect(true) on the > ActionForward returned but with no success. Unfortunately this is making my > secure data visible, how can I fix this bug. > > <!-- Direct main page requests --> > <action > path="/mainPage" > type="org.apache.struts.actions.ForwardAction" > parameter="/maintemplate.jsp"> > <set-property property="secure" value="false"/> > </action> > > <!-- Process a user logon --> > <action > path="/logon" > type="com.wrappedapps.email.LogonAction" > name="logonForm" > scope="request" > validate="true" > input="/logon.jsp"> > <set-property property="secure" value="true"/> > <forward name="success" path="/mainPage.do" /> > </action> > > Thanks, > Greg > > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> > > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
