Thanks Adam,
However, unfortunately no joy :-(
It still isn't switching back to http for other actions when
I specify
<set-property property="secure" value="false"/>
Perhaps I have to replace all <html:form tags with
<sslext:form tags even when
<set-property property="secure" value="false"/>
At any rate, it doesn't seem to work the way I thought it would.
For example, if you log into hotmail, it sends the username and
password over ssl, and then switches back to http for the resulting
pages. This it would seem is impossible to do with sslext because
in order to switch back to http, you must call another action which
has:
<set-property property="secure" value="false"/>
Correct me if I'm wrong with any of this.
Thanks for all the help,
Brian
-----Original Message-----
From: Adam Hardy [mailto:[EMAIL PROTECTED]
Sent: 18 October 2003 09:29
To: Struts Users Mailing List
Subject: Re: Help setting up sslext
The only time the protocol switches automatically (read: tomcat switches
it automatically) is when you specify SSL in the web.xml for a URL.
To get it to switch back from SSL into unencrypted, putting
<set-property property="secure" value="false"/>
in the action mapping is necessary.
HTH
Adam
On 10/17/2003 04:53 PM Brian McSweeney wrote:
> I've put in the change in the action-mappings in the
> struts-config.xml file
>
> <action-mappings type="org.apache.struts.config.SecureActionConfig">
>
> but the problem is, ssl doesn't seem to be switching at all. The
> action runs in https when I say it should, but all other actions then
> continue to run in https. I was under the impression that they'd
> switch back to normal http. Is this not correct?
>
> -----Original Message----- From: Adam Hardy
> On 10/16/2003 05:13 PM Brian McSweeney wrote:
>> a) Change the action-mappings in the struts-config.xml file
>> <action-mappings
>> type="org.apache.struts.config.SecureActionConfig">
>>
>> b) Change the web.xml file as follows:
>> <servlet-name>action</servlet-name>
>>
>> <servlet-class>org.apache.struts.action.ActionServlet</servlet-class>
>> <!-- Struts Config --> <init-param>
>> <param-name>config</param-name>
>> <param-value>/WEB-INF/struts-config.xml</param-value> </init-param>
>> <init-param> <param-name>mapping</param-name>
>>
<param-value>org.apache.struts.action.SecureActionMapping</param-value>
>> </init-param>
>>
>> could someone tell me if either of these steps are necessary, or
>> what else is necessary?
>
> Hi Brian, your (a) is definitely necessary to enable this:
>
> <action path="/staticjavascriptssl"
> forward="/WEB-INF/general/staticjavascript.jsp"> <set-property
> property="secure" value="true"/> </action>
>
> I have not used, or heard of before, your (b). Perhaps it has the
> same effect as (a).
--
struts 1.1 + tomcat 5.0.12 + java 1.4.2
Linux 2.4.20 RH9
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
