Yup, it's quite brilliant - I think it should be incorporated into Struts. Marino
"Adam Hardy" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > sslext works brilliantly with struts and container-managed security. > Definitely what you want. You put attributes in your action mappings to > tell it whether you want the action mapping under SSL or not. It handles > the redirection to / from SSL. > > Adam > > On 03/12/2004 03:39 PM Mark Lowe wrote: > > You could use a filter which without knowing anything about it i imagine > > what sslext does. > > > > Better than hardcoding redirects. jstl may have something to force the > > scheme also. IMO doing it with mod_rewrite is easier because you any > > have to worry about your live deployment, but if you're using catalina > > as your webserver then I guess that you're going to have to configure that. > > > > > > > > On 12 Mar 2004, at 14:36, Joao Batistella wrote: > > > >> But, I would like to find a way in Java, not in the web server > >> because, for > >> now, I'm using Tomcat web server. > >> Can I just use a send redirect to a HTTP address?? > >> > >> Ex: > >> sendRedirect("http://myserver/myapp/main.jsp";); > >> > >> -----Original Message----- > >> From: Mark Lowe [mailto:[EMAIL PROTECTED] > >> Sent: sexta-feira, 12 de março de 2004 13:30 > >> To: Struts Users Mailing List > >> Subject: Re: Switching from HTTPS to HTTP > >> > >> > >> There's some java thingy you can use to do this, sslext or something.. > >> > >> If you are using apache for your webserver you can use mod_rewrite > >> which means less hassle configuring development envionments and such > >> like. > >> > >> Here's an example. > >> > >> NameVirtualHost machinedomain.net:80 > >> > >> <VirtualHost www.sparrow.com:80> > >> DocumentRoot /www/www.sparrow.com > >> SSLEngine off > >> RewriteEngine on > >> RewriteCond %{SERVER_PORT} ^80$ > >> RewriteRule ^\/checkout > >> https://%{SERVER_NAME}%{REQUEST_FILENAME} [R,L] > >> RewriteRule ^\/admin https://%{SERVER_NAME}%{REQUEST_FILENAME} > >> [R,L] > >> > >> </VirtualHost> > >> > >> Listen *:443 > >> NameVirtualHost [i used the ip here]:443 > >> > >> <VirtualHost www.sparrow.com:443> > >> DocumentRoot /www/www.sparrow.com > >> SSLEngine on > >> RewriteEngine on > >> RewriteCond %{SERVER_PORT} ^443$ > >> RewriteRule !^(\/checkout)|(\/admin) > >> http://%{SERVER_NAME}%{REQUEST_FILE > >> NAME} [R,L] > >> > >> SSLCertificateFile /[apache home]/conf/ssl.crt/server.crt > >> SSLCertificateKeyFile /[apache home]/conf/ssl.key/server.key > >> SSLCACertificateFile /[apache home]/conf/ssl.crt/intermediate.ca > >> </VirtualHost> > >> > >> > >> and requests containing /admin or /checkout will have https scheme > >> forced those that are not wont. > >> > >> On 12 Mar 2004, at 13:59, Joao Batistella wrote: > >> > >>> Hello! > >>> > >>> In my application the login page uses HTTPS to send username and > >>> password to > >>> the server. But after that, if login operation succeed, I want to send > >>> the > >>> user to the main application page using HTTP protocol, not HTTPS. How > >>> can I > >>> switch? --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
