<security-constraint>
<web-resource-collection>
<web-resource-name>Login 4 Everything</web-resource-name>
<!-- Define the context-relative URL(s) to be protected -->
<url-pattern>/private/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<!-- Anyone with one of the listed roles may access this area -->
<role-name>user</role-name>
<role-name>admin</role-name>
</auth-constraint>
<user-data-constraint>
<description>SSL not required</description>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>You will also probably need to set up a filter to redirect non-secure pages out of HTTPS. This is not automatic.
Adam
On 09/23/2003 03:28 AM Michael Futeran wrote:
I am trying to replace an Apache/Tomcat combination with Tomcat standalone. I have everything else working, but I can not figure out how to get requests for secure pages to be auto forwarded to https the way they are with Apache.
-- struts 1.1 + tomcat 4.1.27 + java 1.4.2 Linux 2.4.20 RH9
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
