ÔÚ 2003-08-09 16:30:00 ÄúдµÀ£º >Tomcat 4.0.6of you ? Could you tell me ? Thanks~~ >Windows 2000 >IE 5, SP3 >Netscape 7.02 > > >I have a website which is part public, part secure. There are html entries >such as "< a href=members/index.jsp >" in the public area which will >jump to the secure area. The site is entered, by default using >http://localhost:8080 but the members area is protected via SSL and >transport guarantee stanzas > <security-constraint> > <web-resource-collection> > <web-resource-name>ScoutGroup-Secure</web-resource-name> > <url-pattern>/members/*</url-pattern> > </web-resource-collection> > <auth-constraint> > <role-name>member</role-name> > </auth-constraint> > <user-data-constraint> > <transport-guarantee>CONFIDENTIAL</transport-guarantee> > </user-data-constraint> > </security-constraint> > >I understand that this should force any >http://localhost:8080/scoutgroup/members request to switch to >https://localhost:8443/scoutgroup/members. Under Netscape it does and I am >notified that I am going to a secure page, prompted to accept the SSL >certificate then driven through my logon.jsp to >response.encodeURL("j_security_check"). Under IE, however, I am notified >that I am going to a secure page, prompted to accept the SSL certificate >then told the page cannot be found. > >For testing purposes, I tried putting >http://localhost:8080/scoutgroup/members in the browser's address box. > >The access log contains the following (with my annotations prefixed with >////) >//// Using IE >127.0.0.1 - - [09/Aug/2003:15:09:28 10000] "GET >/scoutgroup/members/index.jsp HTTP/1.1" 302 654 >127.0.0.1 - - [09/Aug/2003:15:09:30 10000] "GET >/scoutgroup/members/index.jsp HTTP/1.1" 302 654 >127.0.0.1 - - [09/Aug/2003:15:09:30 10000] " a ] ?4? >Yq8*+??R?I?T:?<?"[EMAIL PROTECTED] /?4? HTTP/0.9" 501 988 > >//// Using Netscape >127.0.0.1 - - [09/Aug/2003:15:59:48 10000] "GET >/scoutgroup/members/index.jsp HTTP/1.1" 302 654 >127.0.0.1 - - [09/Aug/2003:15:59:50 10000] "GET >/scoutgroup/members/index.jsp HTTP/1.1" 302 654 >127.0.0.1 - - [09/Aug/2003:15:59:50 10000] "GET /scoutgroup/logon.jsp >HTTP/1.1" 200 576 >127.0.0.1 - - [09/Aug/2003:16:01:07 10000] "POST >/scoutgroup/j_security_check HTTP/1.1" 302 654 >127.0.0.1 - nichm001 [09/Aug/2003:16:01:07 10000] "GET >/scoutgroup/members/index.jsp HTTP/1.1" 200 427 > > > >Both browsers caused the same response (SC_MOVED_TEMPORARILY/302) as they >attempted to navigate to the security check but then IE generated something >very peculiar and appeared to try to renegotiate the protocol to http/0.9 >before giving up. > > >I've checked the logs - can't find anything more informative than above. > >I've tried running Tomcat via the "catalina run" command line option but >there is no extra info there either. > >I know I can modify my code to always force the full path into hyperlinks >but that's not good programming and has enormous potential for maintenance >problems. > >Where do I look now? > > >Murray > > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] > > mqg
- SOUVENIR ----------- --------. | Souvenir of China | | A Good Place for You | `--> http://www.souvenirchina.com -' mailto:[EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]