Hello All: I am running Apache Tomcat 4.1.27, with IIS 5.0 on Windows 2000 Professional configured to serve the JSP pages using the ISAPI redirector.
I have also configured SSL support using the Windows IIS management console. Currently JSP pages can be accessed using the http://SomeHost/SomeDirectory or https://SomeHost/SomeDirectory URL. I am trying to specify URLs that should be available only through SSL. For this, I have added the <security-constraint> section in web.xml for the relevant webapp directory. <web-app> . . . . . </welcome-file-list> <!-- All resources under the /SSL directory should only be available via SSL --> <security-constraint> <web-resource-collection> <web-resource-name>SSL</web-resource-name> <url-pattern>/SSL/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> </web-app> Now, when I try to access the resources under the /SSL directory, (using http or https) IIS gives me a "Page not found" error message. However, if I disable IIS and run Tomcat independently, directory security is enabled, and everything works fine, i.e., if I use http://SomeHost/webapp/SSL, it automatically redirects to https://SomeHost/webapp/SSL. I found an earlier thread (http://mikal.org/interests/java/tomcat/archive/view?mesg=44502) which mentions that the ISAPI redirector may be to blame, but I am not sure if it applies in this scenario. Any help would be greatly appreciated. Thanks, Vic --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
