I doubt very much that this implementation is container-specific to tomcat. Did you try searching on 'user-data-constraint' or 'confidential'?
Yes, I did a search for those, but it did not shed any more light on whether or not (and how) cookies created with an SSL connection are visible or accessible to non-SSL requests.
Cookies!? I'm out of my depth now. I was previously talking about going from HTTP to HTTPS as well, but it seems you are required to do the opposite direction. I guess you'll have to wait for the other more qualified listers for an answer.
Adam -- struts 1.1 + tomcat 5.0.12 + java 1.4.2 Linux 2.4.20 RH9
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
